How to perform a website cookie audit

This article will show you a quick and easy way of auditing your website for cookies.

You’ll need Google Chrome – you can download it for free if you don’t have it already.

Now to find out what cookies your website uses.

How to audit your site for cookies

Step 1: switch on Chrome’s Developer Tools

How to switch on Google Chrome Developer Tools

Switching on Google Chrome Developer Tools

Step 2: open up the “cookie” resources view

How to view cookies in Google Chrome

Viewing website cookies using Google Chrome Developer Tools

Step 3: browse ALL of your website pages

Now navigate through your website, visiting each page.

As you go you’ll see the console in the bottom half of the screen fill up with cookie information. Take note as you go.

It’s important not to simply check your homepage, as there may be cookies being set by plugins that only run on certain pages.

You should also:

  • Login to WordPress (spot the additional cookies)
  • Leave a blog comment (you can always delete it later)
  • Close the Cookie Law Info tab (watch for a cookie called “viewed_cookie_policy”)
  • If you have one, view a [YouTube] video, as these features sometimes drop ‘third party’ cookies
  • If you have such a feature, click ‘like’, ‘tweet’, etc – these also leave cookies
There are plenty of other ways your site could leave cookies, this is by no means an exhaustive method. But it’s a start, and for most content-only websites this should be enough.

Cookie Information

Now that you know what cookies are being set, you’ll want to know what type of cookie they are and how long they are set for.

Cookie types are either session (stored only whilst you browse the site) or persistent (stored even after you have left – e.g. 1 year). Cookies that your own website sets are called first party cookies, and those set by other websites who run content on your website are known as third party cookies – for example Facebook sets cookies via your website if somebody ‘likes’ one of the posts on your site.

For example, the Cookie Law Info plugin sets a cookie to remember if the visitor has accepted/closed the cookie info bar. It sets a persistent cookie called ‘viewed_cookie_policy‘ for 365 days.

For more information on what cookies are being set, the following articles are recommended:

Summary

It’s by no means the only way and there are better ways, but this method is quick and easy and it should cover very nearly all if not all of the cookies your site uses.

Submit to StumbleUponDigg ThisShare via email

Does my website use cookies?

How do you know if your website uses cookies or similar technologies?

To know what you have to do to comply with the EU Cookie Law, you first need to know what cookies your site is using. It might be more than you think.

For example, does your website have any of these technologies or features?

  • WordPress, or any other content management system
  • Google Analytics, or any similar website analytics program
  • A blog
  • Facebook, Twitter, Google+ or other social media “like” buttons or plugins
  • Flash
  • Google AdSense and/or AdWords
  • Personalised settings e.g. a welcome message, remember my email, “don’t show me popup ‘x’”
  • A shopping basket / cart

All of these features use cookies.

Strictly Necessary

You don’t need to get consent for all cookies, however. Cookies that are “strictly necessary” for the running of your website are excluded from the directive. The definition of “strictly necessary” is black and white though:

Cookies that are considered strictly necessary:

  • Cookies to remember items in a shopping basket
  • Cookies providing essential security measures
  • Cookies used for quick loading and distribution of content

However, some common web services are NOT considered strictly necessary:

  • Google Analytics, or similar software to analyse visitors
  • Cookies that remember user preferences
  • First and third party advertising cookies
  • Facebook like buttons

Example: does WordPress use cookies?

WordPress is a very popular Content Management System, used to provide website content for over 15 million websites. It uses cookies for two purposes.

  1. Registered members need a cookie to be able to log in. This is ‘strictly necessary’ as WordPress won’t work without it.
  2. Visitors who leave a comment on a blog post will also have a cookie set on their computer. This is not “strictly necessary” as it’s a user preference.

Many WordPress website owners also use Google Analytics to track how their website is used. This is also not considered strictly necessary.

In an example like this, you will need to take action to ensure you comply with the EU Cookie Law.

Summary

It is important as a website owner that you understand if your website uses cookies, and if so, what action you must take.

Most websites store cookies of some type or other, though it’s not always obvious that is the case.

In our next article we show you how to conduct a cookie audit so you can be sure what your website is storing.

Sources used in this article:
Submit to StumbleUponDigg ThisShare via email

How do I comply with the EU Cookie Law?

Complying with the EU Cookie Law is not as complex as you might first think.

You need to:

  1. Understand the law
  2. Determine if it applies to you
  3. Decide on a course of action
  4. Update your website and privacy policy
  5. Monitor your website’s use of cookies and similar technologies
  6. Stay informed

It’s important to note that so far the UK Government has not provided explicit guidelines on what you, the website owner, must do in order to comply. Interpretation of the law varies widely even amongst the largest websites.

Do not believe that you must block all cookies, turn away visitors or switch off valuable web services like Google Analytics. There are many solutions out there to help you comply according to however you decide to comply with the law on your website.

To get started, read on or jump to our quick start guide.

Submit to StumbleUponDigg ThisShare via email

What is the EU Cookie Law?

The EU Cookie Law come into force on 26th May 2012. The UK Government will begin enforcing the EU ePrivacy Directive (AKA ‘the EU Cookie Law’).

The law aims to protect the privacy of EU citizens as they use the internet, and actually covers several aspects of privacy, not just cookies. The UK Information Commissioners Office (ICO) says:

“Cookies or similar devices must not be used unless the subscriber or user of the relevant terminal equipment:

(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and
(b) has given his or her consent.

The Regulations are not prescriptive about the sort of information that should be provided, but the text should be sufficiently full and intelligible to allow individuals to clearly understand the potential consequences of allowing storage and access to the information collected by the device should they wish to do so.”

Source: ICO website, May 2012

What this means for website owners

Your website must comply else you face an investigation and potentially a €500,000 fine.

Complying can actually be quite simple. This site will guide you through the solutions available and provide you with the resources you need to stay informed.

Submit to StumbleUponDigg ThisShare via email

WordPress EU Cookie Law Plugin

The EU Cookie Law came into force on 26th May 2012. Your website must comply else you face an investigation and potentially a fine.

Complying with the EU Cookie Law is actually quite simple. There are a few steps you must take, but the first and easiest is adding a simple message to clearly inform your website visitors of your privacy and cookie policy.

To get started, download this plugin and you’ll be ready to go within 2 minutes. For help, read the plugin user guide.

You can find out more about the Cookie Law on the resources page.

Submit to StumbleUponDigg ThisShare via email