Worried that the new European Union Cookie Law is going to adversely impact your online business?
Many people see the new Cookie Law as potentially putting up a barrier to website visitors, or putting them off so that they are less likely to browse.
We don’t sell anything directly via our site here at Corporate Eye, so our business would not be put at risk by any ‘cookie barrier’, but we do use cookies—especially to find out which pages and topics are of most interest to our audience—and having to get permission beforehand is going to be a nuisance to us and (more importantly) to our visitors.
Who are our visitors?
Obviously I don’t know who you all are, but I can make some educated guesses based on various analytic packages. You are mostly reasonably young, highly educated, and visiting from work – and are primarily based in the US and the UK.
Typically, you visit Monday-Friday (and mostly early in the week), with much less traffic at the weekends; no surprises there, given what we discuss here.
So I’d expect our visitors to be digital natives, or at least naturalised long-term immigrants, and to be very familiar with the internet.
Are our visitors relaxed about cookies?
I ran an experiment over a couple of weeks, in which I used two statistics packages, one of which would continue to count visitors and pageloads as usual (A), and one of which would only count a visitor if permission to use cookies was granted (B).
We didn’t bar people from the site if they didn’t accept the cookie – they could still freely read whatever they were interested in; we simply didn’t use the statistics cookie if they didn’t. So package A could still count the number of visitors, and the number of pages visited, but package B couldn’t.
That is, package B could only count visitors/pageloads if people explicitly accepted the cookie.
I know that statistics programmes count slightly differently; I suppose the best way to run the test would have been to run the same statistics programme twice on each page. And this probably isn’t a statistically sound sampling. Nevertheless, I think the results are interesting.
Do cookies put people off?
We found that:
- the number of pageviews recorded by B was less than 5% of the number recorded by A.
- the number of visitors recorded by B was 2.5% of the number recorded by A.
However, the overall number and pattern of visitors and pageloads over that fortnight as monitored by A, wasn’t affected by the cookie acceptance request; it was pretty similar to the usual number and pattern of visitors as tracked by A. I’m not sure why the proportional decline in pageloads and visitors differ: maybe because more people ended up reading the privacy page in addition to their intended reading.
Obviously these figures apply only to our site; you may find different results on yours. And comparing visitors or visits between analytics packages can be difficult, as they can be counted differently. But it is clear that there was a sizeable distortion in our website statistics as tracked by B.
What does this mean?
The average number of visitors over the period was, in fact, unchanged. So nobody was put off browsing by the fact that the Accept Cookies popup appeared.
However, very few of them explicitly accepted the cookies by clicking on the OK button.
This might be because they didn’t notice it, though I doubt that. It was quite a large popup. Much more likely is that they – you? – chose not to accept our cookies, either because you don’t like cookies or because you were just too busy to pay any attention to the popup. And it is, of course, your right to refuse: that is the point of the new Cookie Law.
Whatever the reason, that’s a lot of ‘no thanks’.
What impact might this have?
For us, only the inconvenience of inaccurate web statistics. And 95% astray is quite an inaccuracy!
If you’re earning money online, though, whether through advertising or direct sales, it might have more impact. Although functionally necessary cookies don’t require consent, there are others that you could be using to improve your service and sales that do. And if 95% of your visitors don’t accept the cookie, this might make understanding their needs and improving your service more difficult for you.
Most corporate websites will be in a similar situation to ours: cookies are primarily used for analytical purposes (and it may be that the Information Commissioner’s Office will not be concerned with these) or to add ‘nice to have’ features for which the visitor would be happy to accept cookies.
Obtaining consent to cookies is difficult. There’s a spectrum of possible options to balance visibility and aesthetics, running from a ‘You Shall Not Pass’ splash screen requiring acceptance before the site is visible, through a pop-up cookie alert and request, to a static bar saying ‘Please Accept Cookies’ or a link to a page saying ‘We Assume Consent’.
If you decide to aim for strict compliance, and request assent to cookies—as BT, for example, have—then there is a risk, as seen above, of severe disruption to your analytics information. You might wish to consider a top-bar alert similar to that of Rio Tinto: still highly visible, though it doesn’t ask for explicit consent.
We were using a pop-up cookie alert and request for consent, rather than a splash screen or a static bar—and have now removed the pop-up entirely, as the disruption to our analytics was unacceptably high. It remains to be seen what the ICO make of this partial solution.
What about your site? Do you think the Cookie Law is going to affect you?
Lucy is Editor at Corporate Eye
You might want to test this with an opt OUT popup, as well, and see how many folks pick that option. This could be more about getting folks to click than getting them to like cookies.
Good point – and worth testing. It may well be that people are just too rushed to even read the popup, just closing it and moving on (haven’t we all done that?)
The ICO has now said that implied consent is a valid form of consent, which makes it less urgent to come up with a means of collecting those clicks – at least, for us, as we don’t collect any sensitive data. I note that many of the big companies have now gone with a bar saying, roughly ‘by using this site you’re agreeing that we can drop cookies’, and not trying to garner explicit consent at all.