While no official guidelines have been released on the best way in which to adhere to this new law, you should conduct an audit to identify all of the cookies that may be stored on the computers of your website’s visitors, whether they are created by your business or a third-party company, such as an ad network. Where cookies are needed to enable you to meet your business’ goals, you should ask permission to store them and explain the reasons for their use.
If you believe that the majority of your website’s visitors will refuse to grant you the permission to store cookies on their computers and hence, you will experience a reduction in the amount of data available to you through your analytics package, you must strive to make the process of gaining permission as simple and effective as possible. While you can place a link to a privacy notice that contains a list of all the different types of cookies you wish to place on your visitors’ computers alongside your request for permission, it is highly advisable for you to make accessing this information as convenient as possible for your visitors. You can do this by listing all of the different types of cookies alongside your request for permission, rather than in a separate link.
At the time of writing, there has been no confirmation with regards to the types of penalties you will receive if you fail to comply with the EU cookie law. However, it is essential for you to keep yourself up-to-date with the latest guidance on this matter from the Information Commission’s Office (ICO).