Email and the Law

Cookie monsters threatening email marketing

The heading is not strictly descriptive of this article, something I would argue against in normal circumstances, but I couldn’t let such an opportunity pass. I knew you would realise I was talking about those little ‘tags’ that allow tracking of user activity on websites. Email marketing software depends to a great extent on them.

Four years ago it became UK law for websites to obtain consent for such text files to be placed on visitors’ devices. Initial fears that they would require explicit agreement, rather like subscribing to email marketing lists, were proved a bit wide of the mark and a very sensible notification is all that is required.

Seven months ago an EU working party was set up to report on, in effect, compliance and the methods employed. It checked 478 websites, including the 250 most visited ones in each EU state. The working party issued its report (A29 Report) earlier this year and a few days later the Information Commissioner’s Office (ICO) produced a welcome summary.

The findings were rather startling. Out of the member states reviewed, Czech Republic, Denmark, France, Greece, Netherlands, Slovenia, Spain and the UK, the country which set the fewest cookies on first visit was Solvenia, at 5.5, and the highest was the UK at 44.2 although no figure was given for France, which is believed to set the most. This is supported by the total set by France being 4238, a significant headline figure, and second place being taken by the UK with over 10% fewer.

A figure that might come as a surprise was that 70% were third party cookies, set on a website but controlled by, obviously, a third party. Another statistic that is surprising is that more than half of these, over 35% of all cookies, were set by just 25 organisations, mainly by advertisers separate from the website company.

One fact that might come back to bite us later is that 86% of cookies are persistent, in the sense that they remain on a computer after completion of a browsing session. The norm is that they will expire between one and two years, although some last much longer, up to nearly 8000 years. This would appear to fly in the face of the Data Protection Act.

94% of UK informed visitors that cookies were set, well above the average. Overall, of the websites that did inform, 50% asked for consent and 16% provided on-site tools to turn off cookie setting.

WizEmail's SecurityBot and The Cookie monster - which does what in email marketingIt would appear that once the shock of the bare figures subsides, the A29 Report is largely positive for email marketing, with the vast majority of websites conforming to the requirement to inform visitors of the placement of cookies. Despite coming near the top in placement, we are not so far ahead of the others, and no doubt some of the countries not included in the survey would be fairly similar.

Two things in the A29 Report might concern the EU, never reluctant to get excited for others, the first being the length of time some cookies are set. Even one year might be seen as excessive. 

The other is that 25 advertisers set 70% of cookies. This might well be of concern.

From an email marketing point of view, it seems the threat to out data feed has receded.



30 days full functionality - No credit card required - INSTANT ACCESS