EU Privacy and Cookies: A Very Inconvenient Truth
|
| ||||||||
| Compare: | Web Design Calculator | Web Design Cost Guidelines |
Are you an E-Commerce Web Designer? Add a Free Listing
If you operate online business in the EU, you’re likely aware (and scared stiff) of a revision of the EU’s Privacy and Electronic Communications Directive that intended to protect users’ privacy by requiring explicit consent before (most)* cookies can be placed on a computer or mobile device by a web property. This means that you must get permission to use cookies for site personalization, web analytics and ad targeting if you operate from any EU state.
*(Cookies that are essential to perform tasks the user has initiated, such as remembering what products have been added to cart in a session, are exceptions.)
Since permission must be obtained by interrupting a web visitor, we can safely expect that this will negatively impact web usability and a business’ ability to personalize their site and collect web analytics data. This is a major blow to European online businesses and consumers alike, reminiscent of mandated 3D Secure protocol for processing certain cards in certain countries.
While only 3 countries met the deadline of May 24, 2011 (Estonia, Denmark and the UK), each state is responsible for developing its own laws in compliance with the Directive. If you need a primer on the issue, Silktide has an entertaining (yes, entertaining!) and informative short video that sums up what the Directive is and what your options are if your business is located in the UK.
As explained in the video, there are 3 4 options for European business:
1. Do nothing (it’s better to ask for forgiveness than permission, except that you may pay dearly)
2. Don’t accept cookies
3. Ask for permission
4. Move
Reasonably, only the 3rd is a viable option for any serious business (though #4 is tempting, I hear Liechtenstein has some fantastic skiing), which means working towards compliance. The problem is, most EU nations have no law in place yet, and there are no clear guidelines for which cookies are acceptable and not.
We do, however, have some fuzzy guidelines from the ICO (Information Commissioner’s Office) – the UK’s information privacy cheerleader.
The ICO has put together a downloadable document that serves as a “starting point for getting compliant,” rather than a definitive guide. There’s some good stuff in there that can be gleaned from by non-UK businesses in the EU. I will summarize the recommended action here:
Step 1: Perform a cookie audit
This could be either a comprehensive website audit, or simply a review of what cookies are used and what for, and removing any non-essential cookies.
Step 2: Decide how evil each cookie is
Plot your cookies on a continuum from non-invasive to privacy to very invasive. Cookies with no privacy impact include cookies that remember items added to cart, or a language/country selection. These are essential to your site functioning as the user wants. The more “evil” end of the scale includes cookies that are used for site personalization, analytics and advertising (e.g. Google Remarketing ads that follow users around the web for weeks).
The ICO suggests offering “more detailed choices” at the more intrusive side of the scale. This means more opportunities to opt out of cookies and essentially turn off features of your site. However, what intrusive means is very subjective. Certainly non-PII (personally identifiable information) used for web analytics can’t be that evil, right?
Since there is no rule for how to handle each type of cookie, and how intrusive a cookie is is subjective, the main point is that you’ve done something. From the document: “If the ICO were to receive a complaint about a website, we would expect an organisation’s response to set out how they have considered the points above and that they have a realistic plan to achieve compliance. We would handle this sort of response very differently to one from an organisation which decides to avoid making any change to current practice.”
You have heard it said of old “it is better to ask for forgiveness than for permission.” (No, that’s not from the Bible, I checked). Seems in this case, you may be forgiven for not going far enough so long as you have put your shoes on, or at least bought a pair of shoes in preparation for the journey.
Step 3: Figure out how to get consent
You have flexibility on how to gain permission, both through request format (e.g. through pop-up or accordion slider at the top of a page) and the wording of the prompt.
Note that you must ask for permission and explain the nature of each type of cookie, including disclosure when information may be shared with third parties. An example is when a user wishes to view an embedded product information video hosted on YouTube where YouTube sets a cookie to track engagement with the video, length of view, etc.
This means you will likely be asking for permission multiple times in one session, and that you must craft several prompt messages, depending on the cookie type and intended use.
While wordsmithing is important both for clarity and to reduce anxiety (and to keep visitors on board), never misrepresent the nature of your cookie in order to gain consent. “Any attempt to gain consent that relies on the users’ ignorance about what they are agreeing to is unlikely to be compliant.”
When do you need to be compliant?
If you’re in the UK, you have a grace period of one year to “get your house in order” before the ICO begins to lay the smackdown on infringing sites. Of course, non-compliance is an option, albeit a risky one. But if you plan on playing by the rules, I suggest you take advantage of the grace period in order to A/B test methods and messaging to minimize site abandonment once the requirements are set in stone. Next post we’ll explore techniques to do just that.
Looking for help with ecommerce? Contact the Elastic Path consulting team at consulting@elasticpath.com to learn how our ecommerce strategy and conversion optimization services can improve your business results.
Source http://www.getelastic.com/?p=11938Mon, 11 Jul 2011 08:03:56 GMT
Tags: Ecommerce Strategy, Site Optimization, Web Design and Usability,
Scottsdale E-Commerce | Provo-Orem E-Commerce | Ann Arbor E-Commerce | Auburn Hills E-Commerce | Clovis E-Commerce | Katy E-Commerce | Navi Mumbai E-Commerce | Golden E-Commerce | Fredericksburg E-Commerce | Pleasant Prairie E-Commerce |
Ecommerce Strategy
Navigating The Canadian Ecommerce Landscape
According to Forrester Research, US online retailers look to Canada first when expanding internationally, with 22 of the top 50 online retailers having dedicated Canadian e-stores. This comes as no surprise, as its proximity makes it easy to ship from US
Ecommerce Subscriptions: How to Turn Visitors Into Subscribers
This post is contributed by David Chiu, Ecommerce Industry Strategist with Elastic Path. David has 15 years of ecommerce experience under his belt, with a rich background in information architecture and design, online positioning for key consumer brands i
Apple Wants 30%? When the Wind Changes – Adjust Your Sales
Apple’s announcement that in-app subscriptions are now available for content publishers and licensed resellers (magazines, newspapers, TV/video, music etc) – at the low-low price of 30% of revenue – has come quite a buzz in the blog-o-sp
Site Optimization
Ecommerce Fraud Management Systems: The What The Why and The How
Card-not-present credit card fraud cost online merchants 0.9% of revenue in 2010 (down from 1.4% in 2008 and 3.6% in 2000) according to research by Cybersource. The expense of chargebacks, unrecoverable transfers, unnecessary shipping costs and human res
Web Design and Usability
Form Design: 11 Patterns For Accepting User Input
I’m often asked what are good books to read for ecommerce. If you’ve been trekking with us for a while, you know I occasionally review books I receive from publishers – so long as I believe they would be interesting for ecommerce buffs. I receive no other
Showing Products In Context with Animated GIFs
From the Retail Email Blog’s 2010 Design Hall of Fame comes an example of showing a product “in context” (in use) with an animated GIF image: While animated GIFs are not unusual in email, I’ve yet to see one on a product page. In
Hot Hot Heat Maps: 10 Tips for Conducting and Analyzing Eye Tracking Tests
Quantitative site analysis (web analytics and A/B or multivariate testing) is phenomenal for learning about your site’s performance and user behavior. But the drawback is, this data tells you the “what” but not the “why.” To
Need E-commerce Design? Check out our member profiles:
Web design, Web development, Ecommerce, Website maintenance, Hosting and Business Software.
Alphen aan den Rijn, Zuid-Holland NL
We specialize in social network marketing, best-in-class small business website design, Internet marketing, search engine optimization (SEO),Ecommerce solutions, and Internet training seminars .
Jacksonville, Florida US
Hit Web Design creates innovative web design and e-commerce solutions. Providing small to medium businesses with affordable web design and e-commerce management solutions.
Provo-Orem, Utah US
Mental Pixel Web Design and Development. Full Service Website Design and Marketing starting at $525, Located in Long Island, NY.
North Babylon, New York US
Our business-driven approach separates us from other web companies. All of our solutions are customized to meet your specific needs and to create a dynamic first impression upon your audience.
Cape Neddick, Maine US
A design and development group providing software solutions from concept to completion. We offer the right people with the right skills to get the job done.
McFarland, Wisconsin US
Have a tight deadline? We're is built for speed. We specialize in assisting programming firms, marketing firms, mass media, catalog printers, and print shops. Deadlines are closing, contact us today!
Williamsburg, Virginia US
33 Bytes Atlanta is a web development company based in Johns Creek, Georgia, with services including e-commerce solutions, content management systems, website maintenance, and database programming.
Johns Creek, Georgia US
Latest Hilarious Picks [MakeUseOf Geeky Fun]
Check out the top picks from MakeUseOf Geeky Fun during the last couple of days Socialising Then V
Cool Websites and Tools [May 26th]
Check out some of the latest MakeUseOf discoveries Most of the listed websites are FREE or come wit
Indie Royale’s Difficult 2nd Bundle Offers Unique Gaming Deal [News]
Indie titles are a good choice for gamers who want maximum game for minimum buck First there was th
Solidify Your GRE/GMAT Vocabulary With IntelliVocab Deluxe [iPhone - Free For A Limited Time]
Are you looking into taking the SAT GRE or GMAT in the near future or know someone who is For a li
Android Users Lose 1 Million To Malware In 2011 [News]
Have you ever wondered how severely malware impacts Android users Lookout Mobile Security has an an
TalkSpot – Build Your Own Site in Minutes Made Easy!
Owning a Website has become the common platform for the people or the firms who wants to makes thei
Encyclopedia Britannica Online Edition Is Free For A Week [Updates]
Encyclopedia Britannica offers access to its online collection for free this week only as it moves f
Article Tags
E-commerce Design Articles
Web Apps & Internet (374)
News (291)
Web Apps (129)
Inspiration (128)
Music (119)
iPhone / iPad / iPod (116)
cool web apps (108)
Google Android (101)
Mobile Tips (100)
Announcements (99)
deals (88)
Games & Gaming Tips (84)
Tech Deals (82)
Opinion & Polls (76)
Cool Software Apps (76)
Social Media (66)
iOS (66)
Browser Tips & Tricks (66)
iPhone Apps (59)
Freebies (58)
geeky fun (58)
Photography (58)
iphone (55)
Google (53)
troubleshoot (53)
android (52)
Photoshop (52)
Graphics (51)
facebook (50)
How-To Articles (50)
Friends:
E-Commerce Website Pricing
Web Design Quote
Website Design
Graphic Designers
