New privacy laws could impact on our ability to gather user data, potentially restricting the use of tools like Google Analytics.
The New EU Law
The EU will soon be enforcing a new directive which directly addresses the way cookies can be used – it’s a development of the EU’s ePrivacy directive. How will it affect your website? Well, no one seems to be totally clear but there’s certainly a ton of, what seems to be, well founded gloom.
Essentially the law requires website owners to get consent from website visitors to record and store information about them :
“site owners need to get an explicit opt-in in order to deploy practically any cookie” – Wired
Sweden’s New Law ‘Bättre Regler för Elektroniska Kommunikationer’ – A response to the EU law
In a few day’s time the Swedish Government will be voting on a new law ‘Bättre regler för elektroniska kommunikationer’ which will enforce the EU law.
Using my second language with a legal document is not a happy combination, but cookies are under the spotlight in this new law. For example, page 317 of the law says:
“Abonnenten eller användaren ska inte längre bara ges tillfälle att hindra lagring eller åtkomst, utan måste lämna sitt samtycke till åtgärden”
This sounds like the opt-in which the Wired Article, and several other commentators have described (Techcrunch have come out of the corner fighting on this one ‘Stupid EU Law‘). However, the Swedish law just does not seem clear enough.
“Vissa menar att samtycket måste inhämtas innan man besöker själva hemsidan, det vill säga i praktiken kommer man till en ”för-sida” där informationen om cookies ges till den enskilda användare som får godkänna dessa för att sedan länkas vidare till själva hemsidan.”: Ny lag för Cookies – Mathias Berggren
The EU law states that cookie use is acceptable where it is absolutely mission critical, but opinions will no doubt vary on what is critical.
Google Analytics – Can we still use it?
My sector, and many others, rely on using 1st party cookies to gather data on what our visitors do on our websites. This enables us to optimize the user experience – for a content rich website, like a university website, it’s a vital tool. This new law could very well prevent the use of Google Analytics, and thus leave a potential gap in our ability to understand how people use our websites.
There’s discussion about this on the Google Analytics forum.
Our search optimization efforts, measurement of YouTube success and use of adwords would, presumably, also be impacted. So, can we still use Google Analytics? It would be nice to get some kind of measured response from e-delagationen or Datainspketion (who have previously commented on the use of Google Analytics).
A Final Word
Several commentators consider this law simply to be unworkable, as to police it would be extremely difficult. Germany has banned Google Analytics, but do German sites continue to use it? It would be interesting to find out how such a ban actually works in practice. This law could be a massive blow to our ability to manage websites, a blanket enforcement of ‘do not track’ (or ‘do not track without consent’) could result in some bizarre user experiences with opt in messages plastering websites. Alternatives do exist when it comes to data collection, it’s true, and making sure we only collect aggregate data could defuse privacy issues at a stroke.
Let’s see where this lands – Don’t Panic.
I’ll be at the Google Analytics conference in Stockholm tomorrow, no doubt more light will be shed on this subject there.
Please feel free to leave comments on the new law, and particularly the Swedish law – be nice to get a lawyers input on this.