Cookies are messages that are sent to a web browser or server that are created from historical user data. The message contains data about the user collected from memory and can influence the way we use the Internet based on what interests us or what we have previously browsed. So it is effectively stored in the user’s memory.
Most websites use this information to improve functionality for the user and to track the performance of their own websites so that they can continue to improve the user experience, but it is the minority who use this information dishonestly that have convinced the ICO to incorporate this new law.
Necessary cookies are those that remember your login details or cart details when you shop online. Anything that simply remembers your search habits or the websites you have been viewing is now prohibited.
So what does this mean for websites? Is it a good thing or a bad thing? Well, for most websites within the EU, it actually means that they are breaking the law and could be classified as illegal.
However, do not threaten, as you have until May 2012 to get rid of the cookies associated with your site or create warnings for your users and the option to disable them. But that, for many website owners, is the problem and also an annoying inconvenience for web users, as in most cases it will mean excessive use of pop-ups.
Of course, the opposite of the problems caused by the new cookie legislation is simply removing them all. But this will also hurt the user experience, as the functionality of the website is something that will be particularly affected.
What will happen if you ignore the new law?
The ICO has yet to implement any formal enforcement style for those who do not comply with the new law, but they have hinted at civil monetary penalties. These won’t be enforced until after May 2012, largely due to the fact that even the ICO can see that making the changes necessary to comply with the law will struggle.
The problem with the way they have done it is that it clearly contradicts the problem they are trying to counter by introducing the law. It is written in a way that assumes that the person who enters your site knows what a cookie is and what it does. The purpose of the laws is to help protect those who do not know what a cookie is or does, so that their own site does not effectively comply with its own legislation.
Ask any website developer what they think of the law and you may want to cover your ears when giving your honest opinion. Yes, protecting people’s privacy is definitely an issue that needs to be addressed, but incorporating this law is too broad for its purpose.
To put it in perspective, if a window cleaner was stealing from the properties you worked on. So you wouldn’t go out and ban all window cleaners or require permission forms to be signed every time they come to clean your windows. It would slow down your work and upset you as a homeowner. Instead, it would penalize those who are breaking the law.