The first requirement of the UK law is that sites do an audit to determine what cookies are used on their site. The Directive asks them to identify two types of cookies: those it deems “strictly necessary” and those that are not. The problem is that most sites have no idea what cookies it might be serving to users. However, US-startup CloudFlare is about to launch a service which will tell site what cookies they are serving and a way to control them: CloudFlare Audit + Control.
CloudFlare launches its Audit service first, possibly later today. This will interrogate a site and deliver a report on what cookies are being served.
After building a database of all the web’s cookies and the widgets that drop them, CloudFlare then plans to enable the second portion of the Audit + Control app. This will allow site owners to selectively enable/disable cookies and third party scripts on an individual basis via CloudFlare’s interface. Site owners won’t need to change any of their underlying code.
The idea is that sites will then be able to comply with the opt-in requirement of the EU law, which comes into effect later this year, without harming the core functionality of their sites.
The service is available for free to any CloudFlare users (CloudFlare’s basic plan is also free) but non CloudFlare customers will get the Audit portion in three weeks. The Control part of the service will only be fore CloudFlare users.
CloudFlare knows its onions on this score. It already powers nearly half a million websites and sees over 45 billion monthly page views across its network for more than 450 million unique visitors.
Clearly the Directive will put sites run out of Europe at a disadvantage to their US competitors, and slap bang in the middle of a recession. Not only that but the law applies to any website that has European visitors, so it’s not just an issue EU webmasters need to worry about. However, I’d love to see the European Union try to bring an action against multiple Stateside sites.