Arrrrgh! How many times have I seen something like:
This website uses cookies in order to provide you with features to make this website work. You can still opt-out if you wish but some features may not work. You can do this by reviewing the settings. We would encourage you to take the time to read our Cookie Policy
Every time I go to a new website, up it pops… Engulfing part or the whole screen, obscuring the information, forcing me to make some on the spot decision and possibly even trying to train me in the wonders of cookies. Yep, you guessed it… the one above is ours, which at some point or another you saw and… what did you do?
By far the majority will have pressed the “Accept” button, without delighting in the beautifully worded cookie policy or reviewed the detailed settings options. Why? Because you wanted to get on with browsing and, well, “what’s the point”?
But..."It's the law" you know!
Yes, absolutely. It’s the Privacy and Electronic Communications Regulations (PECR), or ‘pecker’, to be precise. But that doesn’t stop it being irritating.
The problem is that in the process of informing a website visitor in a compliant manner we are all contributing to obfuscating the message. That, in turn, defeats the core purpose of the PECR which is to ensure that people have the privacy that they deserve and desire.
The application of this law has made every website point at the problem and now the majority of people just get rid of it quickly, usually by pressing an accept button.
"A point in every direction is the same as no point at all"
Keeping your PECR up... to code
- If your website uses cookies, and it probably does, you have to tell the unsuspecting users that you are storing stuff on their device and what you, and others, doing with it. Some of that information could be personal to visitors and, although it is not being stored elsewhere, it’s still being processed by the websites that they visit.
Therefore, this irritating internet interruption is there to show that an organisation:
- is open and clear about how it uses ‘online identifiers’, like cookies
- where possible, gives the user a chance of selecting in which ways they wish to participate and share their data
- gains the correct consent for processing the website visitors personal data
- The request for permission to set and use cookies needs to be clear, evident and mandatory.
- There shouldn’t be any bias in the options available to the user. for example, buttons to accept, reject or manage the cookies should be equally sized and weighted.
- If a user ignores the consent request, it does not mean that they have agreed anyway. A positive acceptance is required to use any non-essential cookies. In the meantime, they may suffer a less-desirable experience.
- You need to consider the use of all cookies you use, even if your site didn’t set them up. So if you use things like tracking pixels, you need consent to use that information for your site
So what's the point?
Well, mainly, I got it off my chest.
Is it irritating? Yes! Is it legally required? Absolutely! Is there a better way? Now there’s the question.
We could improve the general education of users. That could help everyone understand what is possible with a cookie, but is unfeasible to effectively deliver to every internet user.
How about eliminating cookies from your website? That is very possible, but would make repeat visits to the same website a poorer experience as none of your settings would be remembered, for example.
Something else… any ideas? We’d love to hear your ideas. However, in the meantime, better get on top of your cookie compliance.
