Google recently announced that publishers who serve ads with the company’s AdSense product must comply with EU regulations requiring publishers to seek permission from EU users before they can add tracking cookies to the user’s browser.
If you live in the EU, and possibly if you live elsewhere, cookie warnings will be part of your day-to-day life on the Internet. Within many EU countries, site owners are legally required to ask permission before setting tracking cookies. The regulations are implemented into law by EU member countries in various ways, and there’s no overarching interpretation, but the upshot is that if a site wants to track users with cookies, they have to, at the very least, inform them that they will do so, and in many cases get explicit permission.
For the most part, that just means a quick banner asking for permission.
Of course, EU regulations have very little impact on anyone serving a site outside of the EU, including American businesses. But the regulations now have an effect on US and international users because Google is making cookie warnings mandatory for all sites serving content to EU users.
According to Google, AdSense users serving content to EU citizens have the following obligations:
“You must use commercially reasonable efforts to disclose clearly, and obtain consent to, any data collection, sharing and usage that takes place on any site, app, email publication or other property as a consequence of your use of Google products; and
You must use commercially reasonable efforts to ensure that an end user is provided with clear and comprehensive information about, and consents to, the storing and accessing of cookies or other information on the end user’s device where such activity occurs in connection with a product to which this policy applies.”
These obligations apply to any publisher using Google’s advertising platforms, who should comply by the end of September this year.
As you might imagine, Google’s move has set the cat among the pigeons. Aside from the obvious problem of applying EU laws outside of the EU, it places a considerable burden on site owners. To display cookie opt-ins to EU users only, they’ll need to implement a method of identifying EU visitors and serving separate content to them. In practice, it’s likely that site owners will simply choose to display minimal opt-in messages to everyone. It will be especially burdensome to small bloggers who run Google advertising and don’t have the technical knowledge to easily comply.
Last year, we published an article that detailed how Magento eCommerce retailers in Europe — and particularly in the UK — can implement cookie permission mechanisms. The same basic advice is applicable to retailers in the US and internationally.
For WordPress users, there are several plugins that will add cookie opt-ins to sites — keep in mind that these will be displayed to all visitors and not just EU visitors unless site owners implement a way to geotarget users.
If you need more information, Google has created a site which details how site owners can comply.
What do you think? Is this a positive move to protect the privacy of users, or an unacceptable burden on site owners and eCommerce retailers.Posted in: General