This article deals with the problems that may come with using cookies on your website and how you can tackle it with an efficient cookie consent solution.
To begin with, first, let’s see what cookies are and what do data protection laws state about them.
What are Cookies?
Cookies are small text files that a website stores in a user’s device when they visit the site. They analyze the website functioning, track the user activity, and provide personalized advertisements, among other things.
Let’s look at the commonly used cookies:
First-party cookies –These are placed on the user’s system directly by the website.
Third-party cookies – These are placed by a third-party, and they are commonly used for advertising and analytics.
Session cookies – This type of cookies expires once the user’s session on a website expires.
Persistent cookies – This type of cookies remain in the user’s system unless they delete it, or the site does. They usually have expiration dates coded in.
Strictly necessary cookies – this type of cookies is essential for the users to use certain features of a website such as remembering past activity in the site or holding items in the shopping cart.
Here is how you can check if your website is using cookies.
Cookies, in general, are harmless and useful; however, users may not be happy with their online activity being monitored and tracked, especially by a third party. With rising privacy violations, the EU parliament felt the need for a law that will give users more control over cookies.
Read about how cookies track you on the web and how you can block them in this article.
Data Protection Laws and Cookie Consent
There are two data protection laws that require website owners to take several measures before using cookies: ePrivacy Directive (The EU Cookie Law) and GDPR.
The EU Cookie Law
ePrivacy Directive (ePD), introduced in 2002, addresses the confidentiality of communication in the digital age and the rules related to tracking and monitoring. It gave the EU member states a framework to make their own laws to implement the Directive. With the amendment in 2009, ePD came to be known as the EU Cookie Law because of its exclusive mandate about the usage of cookies. It states that if a website uses cookies, then
- take prior consent from the users before loading them;
- provide clear and precise information about the intended purpose;
- give an option to deny consent to use them;
- provide user-friendly opt-in and opt-out options; and
- allow access to website content that may not use the cookies refused by the users.
The Directive exempts strictly necessary cookies from this as they are essential for improving user experience and website functioning.
ePD put a lot of pressure on the website owners to update their cookie policy and the use of cookie banners. Cookie banners are small pop-up notifications that appear on the first visit to a web page. It displays information about the cookies the page will load.
In 2017, the EU proposed a regulation known as ePrivacy Regulation (ePR) which will soon repeal ePD. Unlike the Directive, it will become a mandatory law across all member states once it comes into effect.
GDPR
General Data Protection Regulation (GDPR), implemented on 25 May 2018 by the EU parliament, aims to protect the data and privacy of people living in the EU. It may not have focused a lot on cookies, but it clearly states that a website must have a clear and concise consent policy, and the user must be aware of what and how the site will use their personal data. Explicit consent must be obtained from them in such cases, and a secure opt-in and opt-out options should be available. Cookies also collect data; hence, the website must update their cookie policy and obtain cookie consent to avoid being at risk for GDPR fines and penalties. Read more about GDPR here.
Read the article on the requirements of GDPR-compliant cookie policy here.
CookieYes Cookie Consent Solutions
With the advent of strict laws, cookie banners have become a vital resource of a web page. A non-complying cookie banner may land you in legal trouble. CookieYes helps your website in complying with GDPR and ePrivacy Directive by providing cookie consent solutions. Fully customizable cookie banners are available for different types of cookies. The website owner can customize the banner as per their requirement using simple steps and block scripts to implement prior consent. All you have to do is sign up for a free account on CookieYes. After signing up, you will be directed to a setup page where you have to complete four steps to creating a banner.
- Consent: Different consent types require different cookie policy statements/settings. There are four types of consent: Implicit, Explicit, Info, and Custom. You can select the type your website will use.
- Preview: This section lets you customize the banner to match the look and feel of your website. You can also change the policy text and language.
- Publish: Once you have completed the preview, you can publish the banner by copying and pasting the script provided by CookieYes to your website.
- Finish: This will finish the setup process, and you will be taken to the dashboard.
CookieYes automatically scans your web pages for cookies, and the results are available on the dashboard. It displays information such as
- Total cookies, total scripts, total categories, and total pages;
- Consent ratio for the cookies, such as accepted, rejected, and partially accepted; and
- Recent logs of the user consent.
You can initiate this scan manually at any time. You can also unpublish the banner and change settings at any time, and add new cookies and scripts.