We caught up with our GDPR specialist Lewis Cockle about the latest Cookie update from the Information Commissioner’s Office and what we need to know to ensure we’re all implementing it correctly. 

At Natives, we’ve always helped the sector with advice and support around Cookies, check out what we said way back in 2012. 

Here’s what we found out…

Let’s jump straight in. Lewis, so what’s the latest in the world of Cookies?

Well, it’s certainly still not black and white, but recently the Information Commissioner’s Office (ICO) has further clarified their position on cookies and how they are affected by the General Data Protection Regulation (GDPR) and Privacy & Electronic Communications Regulation (PECR) 2003. Making things a little less ambiguous and a little easier to get your head around than when the last update came into play. 

Previously websites were required to notify and gather some kind of consent from users to store cookies in their browsers. But there were many interpretations of this regulation,  the most common being some form of the ‘cookie banner’. It was a relatively relaxed framework which didn’t conclusively say what type of consent was needed to place cookies on a browser. So it was left to interpretation, and the ICO finally put an end to that.

So does that mean the Cookie banner is dead? 

Not in so many words. The cookie banner isn’t dead; instead, it’s just time it evolved. With the new ruling, the Cookie Banner you present to your users needs to be sophisticated enough to ascertain informed consent, and provide users with adequate information regarding your Cookie policy. No longer is it enough to just announce you are using Cookies and users clicking “ok” or “accept” and continuing onto the site acquires that consent. So no, it’s not dead, and can be an effective mode of communication, but needs to be unambiguous, clear and specific.  

Cookie consent notices also need to be dynamic enough to obtain consent from users who use your site on several device types. 

What constitutes consent with this new regulation then? 

Consent for cookies must be freely given (in other words, the user can still proceed to your site regardless of if they accept or not); specific; unambiguous; informed; and must include a clear positive, affirmative action. Consent ascertained for Cookie use must be to the same standard as to what is required for GDPR. You can get up to speed on GDPR with one of our webinars here which is incredibly informative.

What are your top tips on making sure you’re complying with the updated ICO framework? 

I would say check out our friends over at Student Hut for the perfect example of a Cookie consent notice. They’ve got it spot on.

Student Hut Cookie Policy ICO Update

So what should student marketers do next? 

Well, of course, this blog post should not be used as legal advice, so if you are still unsure if your cookie policy or cookie banner is compliant or not, you should consult a legal professional. More information can be found on ICO's site so check that out too, including a useful flow diagram (Trust me, it's great.) But if your marketing strategy involves cookies at any stage, it really is crucial that you ensure that your cookie usage is compliant. 

And there you have it. If you would like to keep up with other industry and student marketing latest updates, you can with our awesome monthly Newsletter. An exclusive source of everything you need to know to really Think Student. 

Article by

Eleana Davidson Native Author

Eleana Davidson

Marketing Executive