I’ve been trying to do a bit of research on an EU Directive that requires website owners like me to get permission to use certain types of cookies on our sites. If you’re raising your eyebrows in surprise then read on because – yes – this could affect you too…
The short version is that EU based sites now have to get permission from users to put cookies on their computers (although there is a let-out for cookies that are essential for the running of the site which probably extends to things like shopping carts – although don’t take my word for it – I’m not a lawyer).
But if we want to run analytics, advertising, social media plug-ins, and probably more stuff then we’ll need explicit user permission.
Why do we have to do this?
Well, from a user perspective the argument goes that we the computer users are not well enough educated about the cookies that websites put on our computers. Contextual advertising is good example of this – ads that follow you around from site to site depending on your search behaviour and what you might have clicked through to. Ever notice those? I get one for a certain business seminar that I once clicked and the same ad followed me round from site to site for months. It got to be kind of a ‘friendly face’. I knew why it was there and I took it as a warning to be careful what I clicked! I also knew that I easily be rid of my bearded friend if I just deleted my cookies.
But those in favour of the new regs argue that not everyone is as cookie-savvy as me and that protection is needed. And this should come in the form of explicit consent.
A potential business nightmare…?
From the perspective of the small business, on the other hand, this could be a real pain. Will we need to install a pop-up asking for this permission every time someone visits? And is that every time? Or are we allowed to cookie them to remember their preference?
You can see the potential for cookie confusion here. And not just for the business. Couldn’t this get to be a teensy bit annoying for the user as well?
So why should we care?
It’s highly likely this kind of business-based solution would increase bounce rates for EU based sites (that when a user just closes down your site on the first page). Some would also argue that it’s anti-competitive – and that EU sites are being unfairly penalised compared to the rest of the world (and of course the US in particular).
And goodness knows what impact this might have on search results – if your site’s getting a high bounce rate will your Google ranking go down?
Any compromise likely?
Well, a better solution would seem to be a browser based one. We can already set our cookie preferences on internet browsers so if this could be the way that permission was given for cookies then that would seem to be more efficient.
Why not make it a once-and-for all choice with a page or so of information explaining what the user is potentially signing up to and how they can change it if they want to. Better for business better for the user – or at least that’s my argument.
Still, we’ll see which way the cookie crumbles come May 2012 when the deadline for implementing this hits us…