Need a way of conforming to the EU “Cookie Directive”? (continued)

Earlier in the week, I took another look at the EU Cookie Directive and suggested some resources for further investigation. Thanks then to reader Ollie Morcom, who pointed me towards a very neat solution (my least favourite word, but one which is correct in this case) for “cookie law compliance”. It’s called Cookie Control, and it’s the brainchild of an online marketing agency in Edinburgh called CIVIC. Cookie Control puts up an unintrusive information panel telling visitors about the presence of cookies on your website, and enables you to get a visitor’s explicit consent for the use of cookies on their computer. As the creators say, it “represents a good first step towards legislative compliance”, and even if it’s not exhaustively implementing the requirements of the legislation, it’ll put you far enough ahead of the majority of other companies that you needn’t have any worries about being singled out for legal aggravation.

So you’re going to ask “what does it look like then?”. Well, we installed it on the BMON website yesterday, so you should have seen the pop-up panel here. If not, you can call it up with the little icon bottom left. And here’s the good thing: for a templated site (including one run by a content management system), it was really easy (for that, read cheap!) to implement. Your website designer/manager shouldn’t have any problem.

15 thoughts on “Need a way of conforming to the EU “Cookie Directive”? (continued)”

  1. Looks to be an elegant solution …except perhaps fading out the cooking warning panel before any positive action has been taken by the viewer is not a good idea. Because of this I doubt whether it will conform.

  2. Peter: someone’s just emailed me with exactly the opposite findings. The fun of browsers, indeed.

    Graham: I get your point, although they can click on the orange icon to get it back. But I’m not sure it really matters. To be honest, this solution at least shows you’re trying to conform to this largely unworkable, unfriendly and misguided piece of legislation, and that alone will put you ahead of 95% of businesses, which ought to be enough. You know the old joke: two guys are camping when a bear suddenly comes out and growls. One of them starts putting on his tennis shoes. The other says: “What are you doing? You can’t outrun a bear!” to which the first replies: “I don’t have to outrun the bear, I just have to outrun you!”

  3. Chris: Thanks for the mention of Content Control – it’s great to see it being discussed!

    Graham: I take your point about the fade-out. We’re in the process of adding an additional configuration option enabling users to set the time on the fade-out. For maximum compliance you’ll be able to set this to something really high – several minutes if you wish. With Cookie Control we wanted to provide a tool for compliance that webmasters have full control over.

    It’s also worth bearing in mind that if you just ignore the pop up, it’ll keep coming up on every page load (if you have configured it to pop up).

    Peter: Would love to know what browser versions you used when testing – we’ve been eliminating browser issues as they come up and thought we’d caught most of them. If you let me know we’ll go and fix them.

  4. The problem when I looked into solutions like this is that you either need to store the user’s preference to not have cookies stored (how? by storing a cookie?) or infuriate users by asking them on every visit.

  5. Philip: Absolutely! It will be infuriating. But there’s no other way of doing it unless the end user is expected to start fiddling with their browser settings.

    We think Cookie Control is a bit less infuriating than some other solutions though!

    It’s also pretty ironic that we remember when someone has opted in using a cookie.

  6. Mark: The irony isn’t lost on me. Perhaps you could change the text on Cookie Control to, “This is what happens when you let bureaucrats make technology decisions”

    The only viable alternative to nagging on every visit is to require users to log in. To hell with UX, let’s throw our professional pride to the wind and comply with wonky EU policy decisions.

  7. I went to for the Cookie Control, but their site does not ask me for permissions to use cookies and then leaves cookies on my computer, one of which is named which implies tracking. I know its not law yet but shouldn’t this company have implemented it yet if they are offering a solution?

  8. I am not sure this solution will work…

    When used on my site a cookie was planted on the computer, so it does not block cookies initially. They do provide instruction about blocking cookies initially, but then I wonder how many people will see that and assume the default code is all they need.

    The cookies deposited included on for their own site.

    If we do change site code to prevent the initial download, then once we approve, the cookies that should have been loaded will not. e.g. I wonder if Google Analytics will show zero for the home page visit – unless this system then calls analytics and other tracking cookies after the user approves.

    On the code on my own site I can only see an I Accept button and no I Do Not Accept. On this site you have a Get Me Out Of Here, but maybe I would like to stay but not have cookies tracked.

    So I think it still has some things to address. If these are addressed then I dont think its clear.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.