Amending our privacy policy to comply with EU “Cookie Law”

Posted by on 25-04-2012, under About Buyometric

EU Cookie Law

In November 2009 the EU Privacy and Electronic Communications Directive was modified to regulate the use of cookies and local browser storage. Before the amendment, a website had to allow you to opt-out of cookies, and this was usually performed by the browser manufacturers. The new directive stated that users should be asked to opt in to cookie usage BEFORE they are placed on a computer. The directive will become UK law on May 26 2012 – just one month away.

The new law has been widely derided by anyone who knows anything about web technology. The EU were trying to protect privacy, particularly from cross domain tracking which allows an organisation to collect large quantities of data on people and use that data for commercial purposes. However the vast majority of cookies are used in very simple ways – for example a cookie (which is basically a text file) might just contain your username and password to help you log in to a website, or it might contain some preferences that you have set so that your favourite website is shown using the particular layout that you like.

The law is, however, the law. Here at Buyometric we have been looking at our use of cookies and thinking about ways that we can either reduce their usage or explain them more clearly. The first step in this process is to amend our privacy policy to include a table of the cookies we use and explain what they do.

A good example is our auto-login cookies log_u and log_p. Like many websites, we give people the option to “remember me” when logging in. When you do this, we set a cookie on your computer that contains your email address (log_u) and encrypted password (log_p). When you revisit our website we check for this cookie and use the data to log you in. Only our software can decode your password, so it is safe from preying eyes!

Over the coming weeks we will be thinking about how we can make the setting of cookies more explicit throughout our site, in a way that doesn’t inhibit the user experience. It’s quite a challenge.

See our amended Privacy Policy for further details