Responding to the EU e-Privacy Directive
The deadline for compliance with the EU e-Privacy Directive is fast approaching. For those not familiar with the ‘EU Cookie Law’, here’s a brief, non-technical introduction:
exp_tracker: this cookie temporarily keeps track of the last 5 pages you visited on the site. This information allows the site to redirect you to the page you were on before activities such as submitting a comment or sending an email through the contact form. It is a ‘session’ cookie, meaning it expires as soon as you close your browser.
exp_last_activity and exp_last_visit: these cookies store the dates of your last activity on the site. exp_last_visit is only relevant to registered users — if you’re browsing the site as a guest, this cookie will be set to a date in the past. These are ‘persistent’ cookies, which do not automatically expire when you close your browser.
exp_css_skin: if you have made any display choices (for example to select a high-visibility layout for visually impaired visitors) this persistent cookie is used to remember your choice next time you visit.
If you are allowing a third-party site to set cookies, which will be the case if your website uses Google Analytics, YouTube videos, or sharing/bookmarking services such as AddThis, then a link to their privacy policies would probably be a good idea, too. Ironically there is so far no sign of the Internet’s big data collectors updating their policies or practices to conform to the Directive, despite the fact that they are likely to be amongst its primary targets.
If you have any concerns about your website’s compliance with the EU e-Privacy Directive, please feel free to get in touch.
The Information Commissioner's Office introduced a last-minute clarification of their guidance, and are now advising that explicit consent is not required after all, “Implied consent is a valid form of consent and can be used in the context of compliance with the revised rules on cookies.”
So, to stay on the right side of the law, you need to:
- Explain the purpose of each cookie.
Please note that this is professional advice, not legal advice. For legal advice you should of course contact your legal adviser.