The death of cookies or just some overdure regulation

We’ve been using behav­ioural tar­get­ing for a num­ber of years. It opti­mises media spend and ampli­fies cam­paigns to the peo­ple who count. And, if done well, your prospects won’t realise it’s hap­pen­ing. But the EU believes con­sumers need to be pro­tected and made aware of the meth­ods used to tar­get them. That’s why there’s new leg­is­la­tion com­ing into effect on 25th May.

So, what to do? Well, the gen­eral con­sen­sus out there is the fol­low­ing: If you’re adver­tis­ing through pub­lish­ers and affil­i­ate net­works you need to make users aware that you’re track­ing their behav­iour to serve tai­lored adver­tis­ing. But what’s the best solu­tion? It could get messy with mul­ti­ple alerts, pop-ups and overlays.

Well, there’s an indus­try ini­tia­tive led by the IAB seek­ing to pro­vide an ele­ment of self-regulation, with a sym­bol like this appear­ing on behav­iourally tar­geted ads.



When clicked the user will be advised on the data being cap­tured, how it is used to serve adver­tis­ing and asked for their explicit con­sent. They’re hop­ing to have this in place by the end of 2011. It seems like a sim­ple solu­tion that could work for the whole industry.

Mat­ters get a bit more com­pli­cated when you’re using cook­ies on sites that you own and admin­is­ter. The direc­tive seems to imply that you still need to makes users aware of what you’re doing. But there’s a view out there that if you’re using cook­ies to improve the user’s expe­ri­ence e.g. shop­ping cart, remem­ber­ing log-ins, pre­ferred con­tent, etc, then you don’t need to get explicit consent.

So, with the end of May loom­ing, here are a few things to start planning:

• When adver­tis­ing after May, con­sider using the enhanced notice (icon) to gather con­sent or opt-out.
• Appor­tion respon­si­bil­ity for data pri­vacy within the con­text of behav­ioural adver­tis­ing with pub­lish­ers and ad networks.
• Ensure your pri­vacy pol­icy on your web­site suf­fi­ciently dis­closes the use of cook­ies and how they will be used.
• Pro­vide a sim­ple means for users to pro­vide explicit con­sent or opt-out.
• Con­sider mak­ing “do not track” func­tion­al­ity com­pat­i­ble with the lat­est incar­na­tions of browsers from Microsoft, Google and Mozilla.

Whilst it’s highly unlikely that the leg­is­la­tion is going to be enforced any­time soon, as respon­si­ble mar­keters, we all need to have a posi­tion on the direc­tive and a plan to ensure we don’t fall foul of the law. So, if you need a bit of advice, get in touch and we’ll point you in the right direction.