GDPR & Cookies Privacy Law: will the new regulation be the death of Cookies?

GDPR

There is a great deal of debate on how GDPR will affect cookies privacy law when it finally becomes law.  Some are of the opinion that mobile device ID will replace cookies and that desktop technology used to collect data will be banished.


Despite the outpouring of fake news on the subject of cookies privacy law and GDPR, the actual truth is that there is no likelihood of reform on the ability to track users.

The underlying spirit of the new Regulation is that of consent, albeit implied consent. As with most legislation, there is room for subjective interpretation by legislators and the ICO is crystal clear with its 12 steps guideline, which provided that it is apparent that you inform users of the use of cookies, reasons for their use, and allow readers to indicate clear acceptance, then all is satisfactory.

According to the GDPR:

  • “It is a mouth piece of a person. Should not be altered.”
  • Provided that you alert visitors that the site is using cookies, and provide a way to actively opt-in then all is good with GDPR.
  • The only real deviation from the original cookie technology is that content writers will need to add more about user experience.

There is, however, a further caveat that might yet see the death of browsing cookies.  Currently, many sites plant dozens of cookies in the browsers of users who visit their websites, collecting browsing history and sending out signals to advertisers so that future sites will show details of their products.

ePrivacy Law soon to Replace PECR

The ePrivacy law, soon to replace the current PECR (Privacy and Electronic Communications Regulations), online marketing rules and will provide for greater protection for internet users in this regard.

Anyone with an internet business who wishes to collect data in this way will need to ensure strict adherence to the ePrivacy regulations allowing users to understand what personal data is being processed fully and for what purpose, with substantial financial penalties for companies breaching provisions.

For many businesses who rely on their website, the difficulty will be about balancing the growth of their business with ensuring the personal privacy of website users.

For many small businesses who rely on analytics to collect data, provided the data is not intrusive, personal or pose any risk to the user then this data will not fall under the strict regulations of GDPR or ePrivacy.

Smaller companies should be able to take advantage of some leeways, providing they can show that their businesses demonstrate trust on behalf of their consumer.

There are numerous technological resources available to meet limited budgets, many giving free advice on common problems such as the use of Google Analytics and WordPress cookies.

Larger companies and internet giants with significant resources are expected to invest more and implement further advanced measures than expected and to be seen to be updated in line with regulations frequently due to available finances compared to smaller organisations and SMEs.

In conclusion, an ever-pressing desire for consumer privacy combined with the ever-growing threat of malicious hacking has forced regulation to come to the rescue.  With significant fines for non-compliance, professional advice from Seers specialist GDPR list of advisors is highly recommended, to ensure your business is fully compliant come May 25th.

https://seersco.com/register/business

Listen to Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

Seers Guide to Cyber Security

Getting hacked is a nightmare. This essential guide teaches you

  • How to prevent Cyber attacks
  • Discover how to Protect your Business
  • How to contain damage & minimize your risk

Sign up to Download