Three months later: how the GDPR affected the work with cookies
The European regulation on data protection - GDPR - came into force three months ago. During this time, the volume of cookies on the European news sites decreased by about a quarter .
Today we tell you how new requirements affected the work of sites.
/photo Neil Conway CC
The requirements of Regulation
According to paragraph 30 The European regulations, the information received by means of cookie-files, can serve as the tool for formation of a profile of the user and its identification. Thus, cookies acquire the status of personal data.
Therefore, the GDPR requires site owners to obtain the user's consent before installing the cookie. Before the introduction of the rules, many sites did not ask for permission - a simple banner with notification was displayed. And it was believed that the user automatically agrees to receive a cookie if they continue to work with the site.
After the introduction of GDPR this was not enough . Now, on the pop-up window, the user must note that he agrees to accept cookies. Also, the site owner should tell you how cookies are used, how they are processed and to whom this information can be transferred. You also need to provide the visitor with the opportunity to opt out of using a specific cookie.
All this is prescribed in the privacy policies of the site. The link to these policies should be contained in a pop-up window with an alert.
The idea of this approach is to make the process of working with cookies more transparent. So the user gets all the information at once, and he does not need to delete unwanted cookies in the browser settings himself.
How GDPR affected the sites
Analysts Reuters compared data on the number of cookies used by European sites in April and July 2018 (that is, before the entry of the GDPR into force and after). According to the results of the study, the average volume of cookies on news portals is decreased by 22% . The volume of cookies used by UK sites, decreased by 45% . In France, this figure fell by 32%, in Germany - by 6%.
Interestingly, in Poland, for some reason, the number of cookies, by contrast, increased by 22%. This is the only European state with a big change.
According to the report, the percentage of cookies used to optimize the site performance has seriously decreased. The least changes were to the cookies of social networks.
Unlike European sites, a number of US sites that operated on the European market, decided Do not update privacy rules and cookie handling mechanisms.
As soon as the GDPR came into force, more than a thousand news US portals simply blocked access to visitors from the EU.
Among them there are sites of popular publications - Los Angeles Times, The Chicago Tribune, The Sun Chronicle, etc. Users from Europe are shown an error message. This solution has obvious reputational risks and means the loss of part of the audience. Moreover, according to some users, this behavior is a tacit acknowledgment of guilt in improper processing of PD. However, this approach is most likely based on the financial component.
American organizations took such a step because of the reluctance to invest in the elaboration of new policies and the introduction of new solutions. A small user traffic from Europe will not pay for the money spent on compliance with the GDPR.
How to work with the cookie on GDPR
/photo Helen Harrop CC
Now in the GDPR there is no single algorithm for working with cookies. But it is possible to take a number of measures that fully meet the requirements of the regulations. Here are a few of them:
Inform what cookies and for what purpose they are used. The Forbes website details why each cookie is needed and how the user's choice affects the functionality of the site.
Provide a choice of cookies that the user allows to install. For example, you can select individual cookies on the Oracle website. To do this, in each case, check the box "yes /no". You can not prohibit mandatory cookies, but there is detailed information on each of them.
Enable the user to refuse the cookie. On the Fortune site, you can change the list of used cookies at any time by clicking on the small Cookie Consent widget in the corner of the page.
P.S. Materials on the topic from the First blog about the corporate IaaS:
What counts PD from the point of view of the Russian regulator
How to process PD in the cloud
PD in the cloud: the zone of responsibility of the customer and the cloud provider
It may be interesting
houston embroidery service
Houston Embroidery Service