The legislation states that cookies must not be used unless the person visiting the site is provided with clear and comprehensive information as to exactly what the cookies do and has given his or her consent to allow it.
In a very good article on FluidWebWorks, Jessica Shailes writes: "this directive is creating way more problems than it’s solving. In order to get permission you are forced to either stop site visitors when entering your site with a pop up and demand permission at that point, OR use a banner at the top or bottom of your website asking nicely. The first option is intrusive and may well put a lot of visitors off your website altogether. The second option risks being ignored by people who just don’t understand what they’re agreeing to."
So if people ignore the request or refuse to give permission, tracking cookies won’t work and nor will cookies designed to improve the visitor's experience of the website. In addition, as Shailes points out, any advertisements that are highly targetted won't work either.
Some people may be tempted to ignore the directive - but with a maximum penalty of half a million pounds, that's probably not the best option. I notice that several software companies have come up with solutions to the problem of asking permission - all at a cost of £200 or more. However, if your website is WordPress based, there's a plugin - called, unsurprisingly, the EU Cookie Directive plugin - which will do the job. And Jessica Shailes has posted a video on YouTube, showing how to install it.
If you're not WordPress based, it's more difficult and you may need to think about removing cookies. However, it's worth finding out whether there are other ways around it. I've mentioned before on this blog that I like StatCounter for the accuracy and depth of the information it produces. I emailed the company's helpdesk and was told that it has implemented a cookie opt out which enables users to use StatCounter codes that are cookie-free. Although this will interfere with the collection of information on first time, returning and unique visits, it will still allow the collection of information on popular pages, entry and exit pages, keyword activity, exit links, visitor paths, visit length and more.
I was also directed to a post on the Statcounter blog in which the writer discusses the directive at some length and says "It would appear that this Directive has been badly drafted and takes little or no account of how the internet actually works. To obtain prior consent for every cookie, would result in a severe diminution of the quality of the online user experience. Imagine… Every website in the EU would have to use a pop up form to obtain consent for evey cookie… Users would be obliged to deal with these pop ups multiple times every day… Web browsing would become frustrating and cumbersome… And, somewhat ironically, the very people who reject cookies would suffer the worst experience; websites wouldn’t function correctly; shopping carts wouldn’t work and, as they don’t allow any cookies to remember their preferences, they would be prompted to opt in/out on potentially every page of every site they visit! In the end, most people would probably opt in to all cookies simply to eliminate all the pop ups… thereby defeating the purpose of this Directive in the first place!"