The EU e-Privacy Directive was introduced last year as a way of forcing websites to be more open about the type of cookies they used to track visitors.

Initially there was quite a lot of apprehension as site owners were concerned that they’d be forced to add intrusive pop-ups and force visitors to opt-in before they could begin using the site.

Thankfully the Information Commissioners Office (ICIO) took a lenient approach to enforcement and allowed sites to use an ‘implied consent’ measure, which means that they can get away with simply making their cookie policy more prominent rather than explicitly asking for users to accept cookies.

Even brands that do explicitly inform users that the site uses cookies generally don’t give an option to opt-out, but instead direct people to change the settings in their browser.

Around this time last year I flagged up 20 examples of cookie law compliance, so thought it would be interesting to check back and see how these sites have adapted their approaches, as well as highlighting some other high profile examples.

Overall the sites tend to take one of three options:

  • Display a massive banner or pop-up that is almost impossible for users to miss, notifying people of the basic details of the cookie policy.
  • Display a discreet notice alerting people to that fact that cookies are used.
  • Do almost nothing at all, simply adding a small hyperlink somewhere on the homepage.

Those with a hyperlink only…

Thomas Cook

Thomas Cook has retained its discreet ‘Privacy Policy and Cookies’ link.

Thomson

Thomson has also seen no reason to update its tiny statement on cookies.

John Lewis

John Lewis has done away with the notice at the top of its homepage, so now the only link is a tiny banner in the footer.

House of Fraser

House of Fraser is one of a number of retailers that just has a small hyperlink to its cookie policy at the top of the screen.

M&S

Last time I checked M&S had a fairly prominent link at the top of its homepage, but this has since been downsized to a tiny text link at the very bottom of the page.

Facebook

Facebook has a teeny, tiny mention of cookies on its homepage. But you really have to look for it.

Those with a discreet banner…

Gocompare.com

Gocompare.com has made its cookie policy notice slightly more prominent, with a grey box rather than a simple text link.

Debenhams

Debenhams’ cookie policy appears at the bottom of the homepage the first time you visit the site. It accentuates the positives, stating that cookies are used in order to deliver a “fabulous” user experience.

Lastminute.com

Lastminute has opted for a discreet yellow banner at the bottom of the screen.

BBC Good Food

The BBC has done away with its intrusive pop-up and replaced it with a simple banner at the top of the homepage. It is a vast improvement on the old version.

The Guardian

The Guardian has opted for a small, concise notification at the top of its homepage.

Those with a prominent banner or pop-up…

The Co-operative Bank

The Co-op bank initially displayed a small ‘Privacy and cookies’ button, but that has since been replaced with a large banner that briefly explains why cookies are necessary.

Santander

Santander has also given its cookie policy more real estate since last year. As with other sites it sells the benefits of allowing cookies, stating that they are used “to deliver superior functionality and to enhance your experience of our websites.”

Games Workshop

Games Workshop potentially has the most imposing cookie pop-up I’ve come across. You can’t actually enter the site until you agree to accept cookies.

ITV

ITV has opted for a prominent banner at the top of its homepage.

B&Q

B&Q has also made its cookie notification far more prominent. It now has a big, bright banner at the top of its homepage whereas previously it only had a small notice tucked away at the bottom of the page.

ASOS

ASOS has a cookie pop-up that appears in the bottom right-hand corner of the screen. It’s unmissable, but it’s likely that most people will simply click ‘Okay’ just to get rid of it.

How do you approach the issue of cookie compliance? Do you feel a prominent message is necessary? Or, since enforcement has been less strict than expected, is it a bit OTT?