As UK companies scramble to comply with new laws requiring them to disclose and get permission for all the cookies they use, a new study has found that more than two thirds of all the bits of tracker code on websites are from third parties. Which means they are essentially for delivering targeted advertising or analysing behaviour across the website.

It helps explain why compliance with the new cookie laws has been so slow and difficult for many companies. It is very likely they don’t want to broadcast to the world just how many different organisations are grabbing data about their customers. 

Will people panic when they see the full list of trackers? Dave Deasy, vice president of marketing at TRUSTe, which carried out the survey, says people are usually surprised and concerned when they find out.

He tries to encourage companies by adding that other research has shown that people do get comfortable with the level of tracking as time goes on and if companies are upfront about what they are doing.

But TRUSTe’s research on this is from the US, where people have the option of opting out if they don’t want to be tracked. Thanks to inertia, only a small handful have tended to do so.

In the UK it will be different, as people will have to actively opt in to tracking and – inertia again – only a few people will, leaving advertisers without their data. The Information Commissioner’s website, for example, only had 10 per cent of visitors opting in to use cookies, driving the team managing the website to despair because they no longer have any meaningful analytics about the site. It is a worrying example for many companies.

There are now just 40 days to go until the data protection laws come in, and IT professionals are seeing something of a rush by companies to get some kind of audit done.

ISBA, the advertiser’s trade body in the UK, has said that 80 per cent of its members have at least started an audit of the cookies they use, but David Ellison, marketing services manager, admits there is still a long way to go.

“Although our survey shows some encouraging signs among our members it is still apparent that not every organization has been working towards compliance. This is a concern. With less than 40 days until enforcement kicks in, we are actively encouraging all of our members to work towards compliance. Non-compliance is not an option,” he said.

Just how strict the Information Commissioner will be on the issue after May 26 remains to be seen. The ICO is known for its pragmatic, pro-business stance, so many company hope that any small transgressions will be overlooked. But the regulator’s attitude will not matter. After May 26 any privacy activist – and they really aren’t crazy about all this advertising – will be able to use the law to take companies to task.

Get alerts on Technology sector when a new story is published

Copyright The Financial Times Limited 2019. All rights reserved.
Reuse this content (opens in new window)

Follow the topics in this article