MIAB Blog Cookie compliance

The easy way to be cookie compliant

The Easy Way to be Cookie Compliant

In August 2019, Google introduced its ‘Privacy Sandbox’ to the world.  In January 2020, Google announced that they intended to block third-party cookies from Chrome by 2022 – the last browser to do so; Safari and Firefox are way ahead of them.  In March 2021, they stated that’s it, third-party cookies are finished; well, as far as their ads business anyway.  Just a few months later, Google told the world that their cookie plans have been delayed until 2023

MIAB Blog Cookie compliance (1)

Google announced that they are intending to phase out cookies over a “three month period” in mid-2023, but there is a caveat: it is “subject to our engagement with the United Kingdom’s Competition and Markets Authority (CMA).” 

But what are cookies and how easy is it to get your website cookie compliant?

What are cookies?

We all see the inevitable pop-up message when we land on a website; we either accept them or we don’t, but do you know what they are?  Let’s explain the cookie.

Cookies are data that track your activity on a website, thereby the internet, and keep this information in an online database.  The type of data it records include the websites you have visited, pages you have viewed, how you have interacted with online content, how long you have browsed the internet and your navigation behaviour.  All of this information is then used by companies worldwide to enhance their advertising success. 

When you accept a website’s cookies, you are allowing them to collect this information and use it.  However, there are two types of cookies – first-party cookies and third-party cookies.

First-party cookies vs third-party cookies

First-party cookies are, in many cases, necessary to ensure the website you are viewing works to the best of its ability, i.e. gives you the best user experience.  They are created and owned by the website and improve your website experience.  Therefore, you will get enhanced details on the company’s products and services. 

The company is then able to use the information it collects about its website users to not only improve the website for their customers, but also make content recommendations.  However, the company still has to get your consent to collect this information.

On the other hand, third-party cookies are used by third parties, such as browsers that offer online advertising, like Google Ads.  These cookies are able to track your movement between websites and other online content, not just the specific website you are viewing.

This allows third-party companies to use more personalised, targeted online ads. It’s these cookies that are slowly being banned, although Google is dragging its heels on the matter as Safari and Firefox have blocked them by default already.  This also means that being cookie compliant is as important as ever because it is linked to user privacy.

It is essentially just the third-party cookies on websites that impact a user’s data privacy.  For this reason, it is important to ensure that your website is cookie compliant. 

How to be cookie compliant? 

We can’t get away from cookies; they are standard practice for most websites today.  However, in order to ensure compliance with the GDPR (General Data Protection Regulation) and other data privacy laws – remember, your website can be seen worldwide – you have to get the consent of your visitors/users to gather their information.  Part of that process is to give them the choice to opt out of your cookies landing on their browser.  The other important aspect is that should a user opt out, you have to ensure that their user experience on your website is no different to that of a user who has accepted your cookies. 

International privacy laws – the GDPR and the ePrivacy Directive – states that any website user has the right to control the data they are prepared to share with others, as well as the cookies they install on their computer systems, and that includes all mobile devices.  So, because of this, you will need to consider the following:

  • Ensure there is an alert message about cookie usage on your website
  • Ensure there is a cookie policy displayed on your website
  • Ensure that you are able to prove that the cookies on your website are compliant.

Cookie alert message

You’ve no doubt seen the pop up alert message about cookies when you visit a website.  This is the cookie alert message and it must appear as soon as a visitor lands on your website.  The message needs to clearly explain where you are able to find your cookie policy.

Whilst the cookie policy will explain the difference between the first-party and third-party cookies, the alert message has to clearly show where the user can find the policy. In addition, avoid boxes that are already ticked, i.e. do not have the ‘Accept’ box ticked.

The cookie policy

The cookie policy sets out the rights of the website user and explains in more detail about the cookies being used on the site.  Usually found via a link at the foot of the website, the policy must be easy to understand and explains how the user can change their cookie settings, i.e. blocking third-party cookies on Chrome.

Privacy laws, like the GDPR, have given users the right to:

  • Control those who have access to their personal information
  • Refuse or revoke consent to any company that is holding their personal data
  • Not accept marketing or any other unnecessary cookies that collect personally identifiable information (PII).

Proving your cookies are compliant

Companies with websites must document all the cookie consents obtained.  They also have to ensure their alert message is clear about obtaining the consent.  The cookie policy is a legal document and also needs to be recorded as part of the consent collection procedure.  The cookie consents that are collected need to be stored on a database so that should a company need to prove compliance to the authorities, they can do so. 

At Media in a Box, we offer a variety of social media, SEO, content marketing and website design services that are not only highly-effective, but will also meet everyone’s budget no matter how big or small it is.  Whether it’s optimising your website, developing a social media plan or helping with content marketing, contact us today and let’s chat.