Thanks to an eleventh hour change of guidance from the ICO, as well as the fact that few sites have been crazy enough to implement strict cookie compliance, the internet appears to have survived the cookie law so far. 

New stats from TRUSTe, based on a study of 231 of the most popular UK websites, show that just 63% have taken some steps towards cookie law compliance

Most have opted for relatively unintrusive privacy messages with minimal controls, which is perhaps the most sensible approach.

Here are a few examples, and more stats from the report...

Levels of cookie law 'compliance'

  • 12% of the 231 websites studied had implemented prominent privacy notices with robust cookie controls.
  • 51% had opted for minimal privacy notices with limited cookie controls.
  • The remaining 37% did not appear to have taken any steps towards compliance. 
  • Of the 37%, 49% had a low number of third-party cookies present on their site (0-25), 35% had a moderate level of third-party cookies (26-50) and 16% had a high level of third-party cookies. 

Examples of prominent privacy notices and cookie control options

Toyota has opted for a prominent status bar, similar to that used by the BBC. It's certainly hard to miss though, if I wanted to pick faults, the black background doesn't make the text as easy to read as it could be, while the green anchor text that leads to the cookie controls is even harder to read. 

If you click the green link, you can then access detailed information and accept or reject certain types of cookies: 

Most examples I have seen of 'stricter' cookie law compliance methods are from financial sites, or brands (like Toyota) that don't necessarily sell directly online, so it's interesting to see an e-commerce site allowing users to set cookie preferences on site. 

One such example comes from shoe retailer Aldo though, perhaps wisely, it doesn't add a message as prominent as that of Toyota to its homepage: 


This then leads to a page where users can set preferences: 

Minimal privacy notices

This is the approach taken by Econsultancy, which our CEO Ashley Friedlein has explained. This approach allows users to find the information they need if they are concerned about cookies, but also avoids any disruption to the user experience. 

Not surprisingly, this is the method used by most e-commerce sites (if they have done anything). 

For example, John Lewis has added a more prominent link to its cookie and privacy policy. While it doesn't stand out that much, it is in an area of the page where users are more likely to see it:

The retailer presents detailed information about the cookies it uses, though it doesn't allow users to change settings on site, instead pointing people to browser settings:

Here's a summery of the results from TRUSTe's study: 

Graham Charlton

Published 6 September, 2012 by Graham Charlton

Graham Charlton is editor in chief at SaleCycle, and former editor at Econsultancy. Follow him on Twitter or connect via Linkedin.

2566 more posts from this author

You might be interested in

Comments (8)

Save or Cancel

Hannah Norman, Digital Marketing Executive at Koozai Ltd

It's interesting to see who has taken steps on the Cookie front and who hasn't. I was reading this article today on the BBC website and had to laugh...
It seems not all sites are as keen on complying as others. Do you think they'll be dealt with as it suggests in the article?

almost 6 years ago

Alan Cairns

Alan Cairns, Search & Social Marketing Analyst at BozBoz

Interesting, I wonder if many of the BBC sites are compliant yet -

The best cookie notice I have seen can be found at the top of the Daily Mash website.

almost 6 years ago

Graham Charlton

Graham Charlton, Editor in Chief at SaleCycle

Nobody will ever be dealt with as it's almost impossible to make a complaint. This ICO form is the slowest ever:

almost 6 years ago


George Grey

This law just seems very difficult to police and I have to agree that the majority of people if not all who break this law probably will probably get away with it. Is it not just a waste of time?

almost 6 years ago



Good for Silktide for their demonstration. The ICO should be looking to take action against those who do not comply with their law - so many websites have implemented these 'invasive' banners and policy declarations. Why should those who ignored the new law get away with it?! Of course the best idea would have been a government designed universal image/link that everyone had to include because enforcing the law would have been easier (either it's there or it isn't).

almost 6 years ago

John Braithwaite

John Braithwaite, Managing Director at Ergo Digital

The only reason why Silktide have done this is for their own publicity.

Sites we've done have experienced no disruption and minimal expense (over and above what they need to do anyway to have the correct 'legals' on their site) in implementation.

It's going to become like the opt-in tick-boxes on forms... an unfortunate necessity.

almost 6 years ago

Andy Killworth

Andy Killworth, Digital Marketing Executive at Koozai

A bad law, badly implemented. I came across recently which puts a great argument against it, concisely demonstrating the flaws - especially the PITA that is the ICO complaint e-form.

almost 6 years ago


Felix Michael, Owner at BA21 4DH

This post is little old. I understand that EU Cookie law was taken very seriously. Every website that falls under Europe territory and offer their services in Europe had to abide by this law. If not they had to face the consequences.
Fortunately , this law is taken out. None of site has to abide by this rule in 2014.

about 4 years ago

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.