The Information Commissioner's Office (ICO), the organisation responsible for issuing guidance on UK cookie law, has this week announced changes to the way in which they gain consent from users on their own website.
The changes were made last night, and whilst the law itself hasn't changed, the announcement by the ICO will be welcomed by webmasters and will act as a case study for future cookie compliance.
Image credit - Cookie Monster on Facebook!
Previously, the ICO website employed an opt-in model which was above and beyond the basic level of compliance - implied consent - touted in their own guidance.
The guidance was seen by many as ambiguous, causing confusion and leading to some websites themselves implanting a similar opt-in system, which not only required additional development work, but may have had a detrimental effect on the performance of their website and their success at keeping users.
Other webmasters that adopted an implied content approach have largely been in the dark as to whether their website properly complied.
The whole thing has, frankly, been a debacle.
The ICO's new model
Taken from the ICO website:
- Cookies set on arrival to the site.
- New 'Cookies' page (separate from Privacy notice, but linked to and from it) to increase prominence of the information.
- Users given clear, detailed information about the cookies set and how to manage them, and new buttons allowing users to delete or allow non-essential cookies.
The changes made by the ICO now provide a reference to webmasters, who can follow the lead of the policy implementers and ensure compliance.