If you use a website for your business then you must ensure that it complies with the relevant regulations. There is legislation covering most aspects of online business such as the information a company must provide about itself, rules on distance selling and regulations concerning the storage of customer information. Some of the rules for conducting business over the Internet will depend upon the type of business you are in but others have universal application.
Since May 2012 every website must comply with the rules governing the use of cookies.
What Are Cookies?
Cookies are small files which are downloaded onto computers and other devices when the user accesses certain websites. The cookies are then sent back to the originating website on each subsequent visit enabling the site to recognise that device. To an extent this enables the website to monitor the online activities of the user of that device.
The Regulations
In order to protect the privacy of internet users the EU introduced regulations to govern the use of cookies by websites, known as the E-Privacy Directive. This has been subsequently amended to require that the consent of the user be attained before cookies are used, even if the individual users are not personally identifiable. The UK introduced these changes with The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011.
The Requirements
The law requires that a person shall not store or gain access to information stored, in the terminal equipment of a subscriber or user unless the subscriber or user:
- Is provided with clear and comprehensive information about the purposes of the storage of or access to that information; and
- Has given his or her consent
Those setting cookies must:
- Tell people that the cookies are there
- Explain what the cookies are doing
- Obtain their consent to store the cookie on their device
There are exceptions to the requirement to provide information about cookies and to gain consent where the use of the cookie is:
- For the sole purpose of carrying out the transmission of a communication over an electronic communications network; or
- Where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user
Generally the individual or company operating a website will be responsible for ensuring compliance with cookie regualtions.
If you need assistance to ensure your website policies and procedures are regulation compliant, Rollingsons has experienced lawyers who can assist you. For more information please contact James Crighton via e-mail jcrighton@rollingsons.co.uk or by telephone on 0207 611 4848.
