Thursday, 26 May 2011

ICO Website and Cookies Law - Strange

The new cookies law comes into force in the UK today, although the ICO (Information Commissioner's Office) is allowing one year to comply with the new rules. The purpose is to ensure that:
  • "businesses and organisations running websites in the UK need to get consent from visitors to their websites in order to store cookies on users’ computers. "
How the ICO does it 
The  ICO on its website shows how it could be done - and it's strange. If you visit the website you are shown a fairly ugly header at the top:









It gives you an option to say "I accept cookies from this site". So the first thing that strikes you is why is there is no option to say:
  • "I DO NOT accept cookies from this site."
The ICO site uses Google Analytics to track visitors. You can go to the ICO Privacy Notice page and follow a link which allows you to download an AddOn from Google which might allow you to disable the cookies....but I doubt if many users will go to the effort of doing that.

Fiddler shows me that if I don't click on the "I accept cookeis from this site" header and just leave it there, no traffic goes to Google Analytics

So in effect, if you don't want to accept ICO cookies, the best thing is leave the header on top of the screen and not to click it. Just ignore it.



Firefox - Do Not Track
Do Not Track - DNT
In addition I use Firefox 4 and I have set the option
  • Tell web sites I do not want to be tracked
 This is under "Tools!Options!Advanced!General". This sends a DNT request in the Request Header. So ideally the ICO should honour that and should never ask me in the first place whether I want to accept cookies.


Conclusion
The way the ICO website implements the new cookie law is not elegant.

Social: del.icio.us DiggIt! Reddit Stumble Google Bookmarks Technorati Slashdot

2 comments:

  1. I see the ICO classifies the session ID as essential: "This cookie is essential for the online notification form to operate and is set upon your arrival to the ICO site. This cookie is deleted when you close your browser.", and the cookie is set without having to opt in.

    http://www.ico.gov.uk/Global/privacy_statement.aspx

    ReplyDelete
  2. The ICO site uses Google Analytics to track visitors. You can go to the ICO Privacy Notice page and follow a link which allows you to download an AddOn from Google which might allow you to disable the cookies....but I doubt if many users will go to the effort of doing that. cheap seo service

    ReplyDelete