Chances are you may have heard that the EU is introducing a few changes to legislation around cookies and internet privacy. Not everyone, if anyone, fully understands the new laws coming into effect, but we thought it’d be wise to share what we know and understand so far.
The uncertainty around these laws has caused the UK to delay enforcement for a year to fully comply. There’s a very useful document (PDF) provided by the UK ICO that helps explain what is changing in plain English.
What are the new EU cookie laws?
- EU Directive 2009/136/EC requires prior consent for “storing of information, or the gaining of access to information already stored†– Articles 5(3) and 6(3).
- Article 29 WP Opinion 171 states that all data read from a device is protected (3.2.1.): “Article 5(3) requires obtaining informed consent to lawfully store information or to gain access to information stored in the terminal equipment of a subscriber or user.â€
When do I need to start worrying about these new laws?
The new EU legislation was supposed to have been passed by all EU countries by 25th May 2011. The only countries to have responded so far are the UK, Denmark, and Estonia.
The UK has given site owners another year to get their sites in order before enforcing the cookie laws.
Enforcement of these laws in unlikely any time soon. However, as a precaution, it is encouraged that all sites review their policies on privacy and understand which cookies they are asking their visitors to store.
How does GoSquared currently use cookies to provide real-time analytics?
We currently have very little dependence on cookies. GoSquared’s cookies are stored on the end user’s device as if they were created by the site that is using GoSquared itself.
The only reason GoSquared uses cookies is to identify each of your visitors as a unique visitor, and to determine whether they have been to your site before.
We do not use cookies to transfer data about individual visitors between multiple sites.
We do not use cookies to enable our customers to adapt content on their sites based on browsing patterns and history across other sites using GoSquared.
We do not share any analytical information that we collect with any third parties without prior consent.
We store all information on our secure servers hosted by Amazon Web Services. We backup all files securely and redundantly. We have strict internal policies on staff access to the analytical information we collect.
View GoSquared’s Privacy Policy.
How do the new laws affect GoSquared?
We’re still assessing how the changes to EU privacy law affect GoSquared’s ability to enable you to monitor your website’s traffic in real-time. We are confident that GoSquared will continue to be just as powerful, useful, and fun as you know it right now.
We do not rely on cookies to detect information about your site’s visitors – knowing which browser, which operating system, screen size, and the location of your visitors (and much more) is all possible whether cookies are present or not.
We are working on a number of different technologies behind the scenes right now, and our reliance on browser cookies is decreasing all the time.
What is GoSquared doing to help explain this complex issue to my site’s visitors?
We are working to provide you, our customers, with an easy-to-read set of text that you can copy and paste into your own sites to help explain what you are using GoSquared for. This text will explain how we use cookies, and how we store, process, and secure all information that we receive.
It is likely that you will need to actively notify your visitors about the cookies they need to accept. It is important to stress that if you are using other analytical services and advertising services, then you will need to notify your visitors of the cookies these services are using and relying on – they may be very different to GoSquared.
Previously, if a visitor’s browser was set to accept cookies then this was classed as “obtaining consent” from your visitors. However, we all know that isn’t really the case – there’s a lot of nasty services out there that store cookies on individuals’ machines for harmful or dishonest reasons, and a lot of internet users don’t realise this. That’s why the new laws state that you must obtain prior consent in one of a number of unsubtle ways:
- The UK ICO site has a PDF on how you can legitimately gain consent from your site’s visitors.
- The ICO site itself has an example of how you can ask for permission to store cookies (along the top).
- All Things D also has a notice that shows when you first visit (you may need to clear your cookies to see it) that clarifies which cookies are being used.
Have questions?
GoSquared is continuing to evaluate the various laws and directives from the EU Commission. We want your feedback on this, and we want to hear from you if you have any concerns. Please feel free to keep this discussion going with us on the blog, on Twitter, on Facebook, or send us an email.
View GoSquared’s Terms & Conditions and Privacy Policy.
This stuff is tricky
Because it’s so tricky, and you’ve taken the time to read up on this, here’s a good recipe for some chocolate chip cookies.