cookie acceptance

Why do I see so many cookie acceptance forms on websites these days?

In May 2018, the way businesses handle personal data was overhauled with new Europe-wide General Data Protection Regulation (GDPR) rules, which gave the EU the world’s strictest data protection laws.

It’s led to constant interruptions from pop-ups requesting agreement with the website’s privacy policy, and the way your data is used. Some even mention wanting to ‘personalise your user experience.’ (Whatever that means.)

It can all seem very distracting, and such a hassle that it feels easier just to leave the page.

Clearly, with the new rules only having come into force 18 months ago, websites are still adapting. Equally, hefty fines of up to €20m for non-compliance are understandably making organisations nervous. Some US newspaper publishers are even making their content unavailable in the EU because of this.

What do the rules say?

The rules do allow websites to collect data using cookies, the small text files stored on your computer, to provide services. And while log-in cookies don’t require user consent, sites must seek consent when using information for other reasons, including targeted marketing and advertising.

The system sparked a blitz of pop-ups due to its newness, although that shouldn’t last and cookie preferences should be stored for future reference, although you do need to repeat the process for every browser used. (And each time you delete and clean up your cookies.)

But remember, companies are not trying to sell your data, only the ability to target particular groups which could influence their buying choices.

The pop-ups you see can be complex as GDPR requires particular consent for specific things rather than a blanket acceptance. There are the basic cookies needed for the site to function, and those for additional services like live chat.

Many have adopted off-the-shelf templates which are at least familiar. Sometimes you can choose between ‘I accept’ and ‘Change consent’ or just click on something like ‘Got it, thanks!’

Alternatives to pop-ups

To access sites without cookie consent pop-ups, read the cached pages that Google and other search engines may have kept. Or you can browse incognito, or route your internet to access a server in a different country.

How the law is changing

In early October 2019, the top court in Europe, the CJEU, ruled that pre-ticked consent boxes for dropping cookies were not legally valid.

To access or store non-essential cookies, websites must actively seek consent – it can’t be assumed or implied – for purposes such as targeted advertising. The user must also be given specific information such as how long the cookie will operate for, and how their data will be shared.

Which means, unfortunately, you haven’t seen the last of cookie acceptance forms if you want to ensure your own website is legally watertight- get in touch with us.