Your Cookie Consent Banners will be Changing!

Cookie Banners

Cookie compliance laws were established back in 2011 to ensure that consumers are safeguarded when using the internet, whether it be for shopping, working, or socializing. 

Today, all EU countries are required to have these cookie banners on their websites through which they can collect consumer information that they want. 

It’s designed to give the customers online privacy protection by informing them how their information is being collected and then used when they surf the net, giving them a choice to allow it or not. 

But do you really know what you are accepting? 

Today, we are going to investigate the GDPR Cookie Consent Banners and how exactly should you be using cookie banners.

What is a cookie? 

While cookie banners may seem annoying, the truth is they’re not all bad. Cookies are small data files that are used by the website to identify your computer network and your online identity. 

A cookie helps the website remember that information so that when you go back to that site, all your preferences and past actions will be remembered – making it easier for you to navigate quickly and easily. 

If you’ve ever been frustrated having to re-enter your password or favourite handbag onto eCommerce sites every time you buy something online, then you know exactly how helpful cookies can be! 

Certain types of cookies are required for specific functionality on your site, so let’s go through them quickly: 

  • Session Cookies 
    Also known as ‘temporary cookies’, are commonly used on eCommerce or shopping website, and are used to help websites recognise users and the information provided when they navigate through a website. The information is only held whilst the user is on active on the website. 
  • Permanent Cookies 
    Also known as ‘persistent cookies’ remember information such as login details, so web users do not need to re-enter them every time they use a site, such as content management systems. 
  • Third-Party Cookies 
    with the aim of collecting certain information from web users, advertisers monitor behaviour, demographics or spending habits of online users to ensure that products and services are marketed towards the right target audience, such as retargeted marketing. 
  • Flash Cookies 
    Also known as ‘super cookies,’ these types of cookies remain on a user’s device even after all cookies have been deleted from their web browser and are independent from the browser. They are used to remember the place where a user’s video stopped playing or an animated banner advertisement stopped rotating. 
  • Zombie Cookies 
    A cookie that returns to life automatically after being deleted by the user. Browsers such as Firefox provides an option to remove Flash cookies as well as zombie cookies through add-on settings. 

The new Cookie regulations 

With the UK moving towards a post-Brexit life, leaving the EU will mean some changes to the current regulations that’s unique to itself and to other countries outside of the European Union that decide to follow. 

With the development of new policies in place for the digital industry, such as the ICO’s recent introduction of The Children’s code, online businesses will prepare to move towards a more streamlined self-reliance for data collection and take care of their own security measures ensuring there is always unrestricted experience for visitors who wish to browse or converse online in a variety of media without any interruption, regardless of cookies. 

High Risk Sites will still be required to display banners, but most websites will not, according to Digital Secretary Oliver Dowden, who spoke with The Telegraph during an interview earlier this year. 

“Many cookie notifications are pointless, and I want people to reclaim control over their web experience,” explained Dowden. “Non-essential cookies can be removed without penalty.” 

The UK currently has a data adequacy agreement with the EU, but the future could move towards data laws that are based on common sense and not the constant need to click “accept” on cookie banners every time they visit a new site 

Do you need a cookie banner? 

The current ICO has stated that the basic rules include the following: 

  • You must tell users if you have cookies activated on the website. 
  • You must explain what the cookies are doing and why they are there. 
  • You must gain the user’s consent to store a cookie on their device before the cookie is activated. 
  • Allow visitors to freely de-activate their consent, even if they have already allowed consent. 
  • Allow visitors to access all content, even if they do not allow the use of Cookies. 

When we talk about consent, it means that your user must tick a box, or click a confirmation button to show they are allowing you to track their data. 

Non-compliance could also have grave consequences – Which could lead to legal enforcement from the ICO, or even worse, loss of leads.  

A study which asked 1,000 consumers what they thought about the privacy and collection of data showed that 87% would not do business with a company if they had concerns about its security practices. 

There is plenty of evidence that consumers avoid engaging with websites where they believe their privacy is at risk, and if there is a general untrustworthy feel about web tracking using cookies. 

It’s all about the Cookie Consent 

Since its release in 2018, the GDPR cookie compliance has had a few modifications because the original requirements were not precise enough. The updated guidelines includes

  • No non-essential cookies until consent 
    It’s out with the skinny banners and in with more descriptive banners. You cannot track any Google Analytics unless the user has specified that they are happy for you to track them. By default, tracking must be disabled until the visitor has accepted consent. 
    The text in the cookie banner and the button must make it clear that by clicking the button the user agrees to the specified cookies.
  • Valid Consent is required 
    Using the phrase “By continuing to use our website, you consent to our use of cookies”, does not count as user consent. The cookie banner should contain a link to the website’s cookie policy. There is no free choice for the user to opt-out of any non-essential cookies if there is no option, and you are not fully clear on what you will be tracking. The only time you can use this type of cookie notice if you 100% do not use any unnecessary cookies. 

If your Cookie consent guidelines are found within your privacy policy that you can only reach via a link, this type of consent isn’t suitable because your user must look for it. It should be readily available. 

  • No Cookie Walls 
    If you are blocking your user from accessing your website unless they accept your compliance, then this a Cookie Wall and it needs to stop because it is unlikely that your user consent is considered valid. 

Google Chrome third-party Cookie removal 

In 2018, a Cookie Consent study that was conducted 30 days after the GDPR activation showed that 76% of visitors to a website took no action against the Cookie banner. 12% closed the banner, 11% chose to accept the cookies (and accepting the third-party tracking), and finally, a miniscule 0.5% actually opened the cookie policy to read what’s involved. 

Third-party cookies are how the ad companies and data dealers track you online. They can monitor which sites you visit, and they use this information to build a profile of you and your interests — which is then used to advertise towards you. 

For example, have you ever been shopping online for some nice trainers, and then visit a different website and seen an advert for those exact trainers? 

This is the reason why Google is ‘removing’ the current third-party policy for Google Chrome by 2023.  

Spoiler: it’s not actually completely removed, but changed to help keep consumers anonymous, and still allow advertisers to target relevant ads. 

Google Chrome users will have their internet activity tracked through the browser itself, and then Google group large numbers of users via their online interests. This means Google will be able to control the information that is collected, and advertisers will gain much less personal information and are limited to targeting only the group interest, opposed to the individual user.  

Google is not the first Search engine to block third-party tracking, as Apple Safari and Firefox have done so for quite a while. 

Do you like Cookies? 

We’re always excited to share our knowledge about the ever-changing rules surrounding cookies, and we hope the blog post has helped you understand more about how they work, what the upcoming changes will be and how you can maintain a level of compliance with the GDPR cookie guidelines. 

If you would like to discuss anything further, please feel free to send us an email and we’d be happy to help!