Thanks to an eleventh hour change of guidance from the ICO, as well as the fact that few sites have been crazy enough to implement strict cookie compliance, the internet appears to have survived the cookie law so far. 

New stats from TRUSTe, based on a study of 231 of the most popular UK websites, show that just 63% have taken some steps towards cookie law compliance

Most have opted for relatively unintrusive privacy messages with minimal controls, which is perhaps the most sensible approach.

Here are a few examples, and more stats from the report…

Levels of cookie law ‘compliance’

  • 12% of the 231 websites studied had implemented prominent privacy notices with robust cookie controls.
  • 51% had opted for minimal privacy notices with limited cookie controls.
  • The remaining 37% did not appear to have taken any steps towards compliance. 
  • Of the 37%, 49% had a low number of third-party cookies present on their site (0-25), 35% had a moderate level of third-party cookies (26-50) and 16% had a high level of third-party cookies. 

Examples of prominent privacy notices and cookie control options

Toyota has opted for a prominent status bar, similar to that used by the BBC. It’s certainly hard to miss though, if I wanted to pick faults, the black background doesn’t make the text as easy to read as it could be, while the green anchor text that leads to the cookie controls is even harder to read. 

If you click the green link, you can then access detailed information and accept or reject certain types of cookies: 

Most examples I have seen of ‘stricter’ cookie law compliance methods are from financial sites, or brands (like Toyota) that don’t necessarily sell directly online, so it’s interesting to see an e-commerce site allowing users to set cookie preferences on site. 

One such example comes from shoe retailer Aldo though, perhaps wisely, it doesn’t add a message as prominent as that of Toyota to its homepage: 


This then leads to a page where users can set preferences: 

Minimal privacy notices

This is the approach taken by Econsultancy, which our CEO Ashley Friedlein has explained. This approach allows users to find the information they need if they are concerned about cookies, but also avoids any disruption to the user experience. 

Not surprisingly, this is the method used by most e-commerce sites (if they have done anything). 

For example, John Lewis has added a more prominent link to its cookie and privacy policy. While it doesn’t stand out that much, it is in an area of the page where users are more likely to see it:

The retailer presents detailed information about the cookies it uses, though it doesn’t allow users to change settings on site, instead pointing people to browser settings:

Here’s a summery of the results from TRUSTe’s study: