ICO Stats since requiring cookie permission
As you may have read recently, the ICO has published the details of the latest privacy laws. One of the biggest impacts will be the new requirement to attain permission to drop tracking cookies when people get to your web-site.
This only affects non-necessary cookies, so one that keep people logged in or maintain the cart contents are fine, it is mainly only the tracking cookies that simply help you measure your traffic and site usage that will be affected.
The ICO were the first to implement this and while it ‘probably’ didn’t affect their traffic, it dramatically altered the stats that Google Analytics could feed back to them.
The ICO obviously had to be the first to implement this and set the standard. Reportedly they are not in a rush to force people to implement this yet, although there will come a point when they will.
The ICO chose to use a nice low tech solution by adding a small banner at the top of their site asking people to tick a box and hit a button – this in turn drops a cookie telling the site that it can drop further cookies when that browser goes to the site.
Anyone who ticks the box get the cookies and doesn’t see that again in the browser.
While this is all very nice, I did mention that the stats for the site’s traffic dropped immensely. Here’s a screen shot from Vicky Brock’s flickr page courtesy of a Freedom of Information Request.
Founder of Chinwag.com Sam Michael have named this 90% drop in results: “Cookiepocalypse“.
It’s important to state that this is not the actual traffic dropping of, it is merely the recorded traffic dropping off due to people not ticking the box. Consequently they are not able to track as many people’s activity on the site.
So while I’m saying don’t panic the traffic’s still there, but feel free to panic a little bit because all of the benchmarks and KPIs the SEO team has been working on may no longer be valid once the law is actually enforced in 12 months time – if it enforceable at all.
Patricio Robles for Econsultancy said: “Needless to say, the ICO’s newfound inability to track traffic to its own website thanks to the regulations it has to promulgate will only fuel further debate about the new cookie regulations.“
What is a cookie
How does a cookie actually work?
For the full details on cookies, the ICO are directing us to allaboutcookies.org, here’s the really short version though…
Cookies are a small text file that can be dropped into the cookie folder of your computers web browser, it then holds a little piece of info that the site that dropped it can get at each time.
The important ones are there so you don’t need to login between sessions. You may have a tick box on login forms saying “keep me logged in” when you check that box before hitting submit, the site drops a cookie saving your user identity. Then each time you go to that site, the site sees the cookie and logs you straight in.
Each browser has it’s own cookie store, so if you login from Internet Explorer and tick to stay logged in, that will only work in Internet Explorer. If you then go to Firefox you will have to login normally and tick the box again to stay logged in from that browser.
For the record, the site is not actually keeping you logged in, it is simply logging you in automatically every time you visit that site.
Why does my analytics need a cookie?
Analytics packages, like Google analytics, drop a cookie in your browser when you land on the site. It is totally anonymous and all it does log you as someone on the site. This way it can see where people go and how long they stay on each page.
Also it means that as you go from one page to another, it can see that it is existing traffic rather than new traffic from places like Google. Not having cookies is why the ICO’s analytics are so low – the cookie that it needs to keep track of the traffic landing on the site, is not there for lots more people. Subsequently Google Analytics can only count those who have said yes, thus making the hit counts much smaller.
Why do I need to ask permission?
The law now requires site to ask permission to access any information on a users’ terminal (PC, Mac, phone etc.) that is not ‘necessary’ for the service that the user visits the site for. Counting site hits and user movement around the site, is not necessary for any user to get what they want from a site, so you have to get them to take an action to deliberately give you permission to drop that cookie.
What should I do about implementing the new cookie permissions?
Initially, like most brands, don’t rush to implement this. It is not a legal requirement to put live what ever it is you can immediately, we’ve got about a year before the ICO starts taking action.
Make a plan of how you would implement it and then keep an eye on how others have implemented it, how it works for them, keep an eye on the press in case anything changes and adjust your plan accordingly, being ready to implement at fairly short notice. Here’s some food for thought:
How do I ask for permission?
At the very basic level, you need to ask people to give you permission to drop tracking cookies when they visit your site.
Once they have allowed it once, you would not need to ask again for that browser.
The main consideration will be the interface you produce for the users, there are a few options, each with their own pros and cons:
Small form at the top of the site
Pro: non-interruptive, subtle and still noticeable. Uses can still use the site without having to be interrupted and pestered by the form.
Cons: So intrusive that people won’t be inclined to use it because they can continue to use the site without allowing cookies with no difference to their experience apart from a small box at the top.
Centralised Light Box
This is popular with adverts on publishing sites, you get to a page and a box appears in the middle, without everything else greys out and unclickable. You then have to close the lightbox or interact with it. it is an option to make the cookie permission pop-up in the middle, forcing someone to take an action, one way or the other, in order to use the site.
Pros: You will definitely get a decision each time, whether it is a yes or a no. So technically you should get higher numbers of people allowing your cookies. Also if people say know you can still ask them next and everytime. You won’t be able to let them stop them because you would need to drop a cookie to do so.
Cons: very interruptive, you may lose visitors all together because they cannot get the content they want without being interrupted. You will have to be very careful about the look and feel of it.
Until someone allows it, they will be asked for every page on your site they visit – this would be a pro or a con, as you are consistently forcing a decision.
Slide in side or bottom light box
This is the same as the centralised one but still allow people to interact with the site and will not appear in front of the main content. This could be a consistent box that sits there, slightly out of the way but still noticeable, until they tick the box.
Pros: not interruptive but still noticeable; how noticeable would be up to you. People can still interact with the site without doing it, so you might lose stats while keeping traffic.
Cons: people can still interact with the site; so while you don’t lose traffic you do lose the stats; if you’re priority is to get tracking back, you might need to make it a little more mandatory.
When should I ask permission?
Due to the fact that this kind of feature will need to drop a cookie to know to stop, it is all or nothing. Every person will be asked for every page you have it on until they say yes to it.
How can email marketing help me get cookie permission?
Email marketing is the most personal that digital marketing can get, it’s a direct email from you to your subscribers. People have deemed what you have to say important enough to them to trust you with their email address so they don’t miss out.
This is the most optimised place to get people to understand why they should do it.
In the same way as someone who interacts with your emails is more likely to spend money with you, they are also more likely to allow the cookies.
- Make it a call to action in every email you send, it doesn’t have to be the main one. Have it over on the right hand side, have a page dedicated to it on your web-site for people to click through to so they can read about it and say yes please.
- Do a dedicated campaign, an extra email in between the regular ones, just a small bit of content asking for people to click through to a dedicated landing page – this could be linked to prize draw if you feel the need for an incentive.
- You could even track who says yes from the email and reward them or just stop asking them in your emails.
- Tell people before you implement it so they are ready, give them a chance to give you permission before you implement the change, this way when you roll it out, less people will be negatively effected.
- Either way if people are not surprised when they click through and get hit by a light box, they are more likely to convert.
- Ask people to opt-in when they subscribe. If your sign-up form has an email field and a submit button – add a tick box to allow anonymous site use – maybe even link to a little popup content or a page telling people how safe an unintrusive it all is.
- At a very advanced level, you could even implement more of a membership plan where you allow people to log in and have a full profile on your site. The only mandatory information would be a username, password and email address. Optional preferences would then be to allow anonymous tracking, subscribe to emails and anything else you’d like to ask.