The EU’s new e-Privacy Directive, commonly called the “cookie law”, came into effect in May 2012 and is now in full force in the UK. It essentially means that everyone who targets a website toward UK web visitors must first get their permission before tracking them with cookies. For those who don’t know, cookies are small text files that record certain types of information about user behaviour and preferences. Read a full rundown of the law here.
Now that brands have had a few months to get their websites compliant, what trends and practices have emerged? Let’s have a look.
Getting Consent
Since cookies can’t be avoided, there are two ways to get visitors to consent: explicitly (which means directly asking the visitor to make the choice), or implicitly (which means assuming that they accept cookies and giving them the option to disable them). The Information Commissioner’s Office (ICO) in the UK has stated in the last minute that implied consent is valid under the law, so both options are now feasible.
Research by QuBit found that the consent rate for explicit acceptance was a mere 57.2%, in comparison to the implicit consent rate of 99.7%. The ICO website itself, which uses explicit consent, has a cookie acceptance rate of just 10%. This is unsurprising based on a simple principle of human psychology – it’s far easier to be passive than to take action (even if that means a simple click).
The ICO’s website requires explicit cookie consent
Explicit Examples
Some websites have nevertheless opted for the explicit consent approach. One high-profile example is Virgin, which asks users to choose between “Yes Please!” and “No Thanks!” for being tracked by cookies. Since the biggest sites are likely to be targeted first by cookie enforcers, it’s worth it for them to ensure they are getting the right consent from users.
(Source: PPA)
Most others use the simple check box like the ICO one above. Here’s the Gloucester City Council consent box:
Implicit Examples
A much bigger proportion of websites seem to be opting for the implicit consent option. QuBit, for example, uses a slider with their cookie message that appears at the bottom of the window.
Most other sites opt for the bland but serviceable header notification, like this one from Cybacat.
BT (British Telecommunications) has created a clear, user friendly and unobtrusive cookie management system. A row of icons in the footer of the page shows the user their current settings and gives a mouse-over explanation of each one.
Clicking on these opens an interactive slider, where the user can see what permissions the website does, and does not have.
Another option is to simply include a header or footer link labelled, “cookies,” that takes the user to a page explaining that company’s policy and how to disable the cookies. Apple uses a small footer link that takes users to the site’s cookie policy.
The Guardian, a news portal, includes a handy feature that shows users some of the functionalities of cookies on their site, by creating an instructional overlay:
But What About The User?
It’s clear that implicit consent is more user friendly, but what about the overall effect of all these cookie banners and popups on website visitors? Considering that 28% of users delete first-party cookies within a month, according to research conducted by comScore, this means most users will constantly have to be re-accepting cookies they thought they had already signed up for.
Best practice seems to dictate that the cookie permissions should be as unobtrusive as possible, so your visitors can get on with the task of browsing and enjoying your website to its fullest.
