New Google AdSense policies starting September

(Please note that this is not a legal instruction!)

Starting September 30th, Google will introduce a new user consent policy and thus comply with the
EU ePrivacy Directive 2009/136/EG. This stipulates that website operators who use cookies on their pages must first get the consent of users (only for EU citizens).

“You must use commercially reasonable efforts to ensure that an end user is provided with clear and comprehensive information about, and consents to, the storing and accessing of cookies or other information on the end user’s device where such activity occurs in connection with a product to which this policy applies.”

(Source: http://www.google.com/about/company/user-consent-policy.html)

In order to sensitize webmasters in this regard, Google is currently sending emails to
AdSense publishers. Therein, webmasters are asked to adapt their websites to correspond with the new EU policies by seeking the consent of EU users on the use of cookies:

Figure 1: Google informing AdSense Publishers about the change of policies

Google has in the past shown that data protection is taken very seriously. Publishers who will not have implemented the EU cookie directive by September 30th risk having their AdSense account deactivated.

What has to be done?

Google itself has not offered its own solution to prevent your account from being blocked, but has provided the http://www.cookiechoices.org/intl/de/ page which has useful tips and a few turnkey solutions from third-party companies.

If you would rather create your own solution, you should take the following points into account:

• Appropriate notification text

• “Accept” button

• “Additional information” link

• Corresponding information in the imprint

Anyone who prefers a simple and quick solution and also uses WordPress can simply use one of the many available plugins.

Figure 2: Short overview of the EU cookie plugins for WordPress

I have tested several plugins and would like to use the Simple Cookie Notification Bar Plugin to show how one can integrate the new EU guideline.
After installation of the plugin, you will find a new simple cookie bar in settings. You can use this to view the content and edit the appearance of the information box.

Figure 3: Settings of the simple cookie notification bar plugin

Appropriate Notification Text

First, you need a text informing the user that he/she agrees to the use of cookies. Here, Google has not stipulated any special requirements, but has rather provided a sample text with which webmasters can orient themselves.

Figure 4: Google’s sample text

Accept Button

In order to enable your users to agree to the use of cookies, you need the appropriate button or link. How it looks is up to you. You should however ensure you use unambiguous button text such as “OK”, “Accept”, or “I agree”.

Additional Information Link

In order for users to be able to further inform themselves, Google recommends that one implements an additional link that, for example, points to data protection rules.

Cookie Directive in the Legal Notice or Privacy Policy

Anyone who uses Google Analytics has probably already received a notification about the cookies in their Legal Notice or Privacy Policy. If you do not use Google Analytics, you should extend your data privacy provisions accordingly. Samples for doing this can be found here and here.

Check the functionality

Once the notification has been correctly implemented, it is advisable to open a new browser window in incognito mode. This is basically cookie-free and will enable you to see your page just like a first-time visitor.

Figure 5: Open a private window in Firefox

If you now visit your website, you should see your newly implemented cookie notification. First test the additional information link and then click on “OK”. If you now continue surfing on your website, no more notifications should be displayed.

Figure 6: EU cookie directive successfully implemented

Alternatively, you can also use the Google Search Console and render the URL. To do this, log in to the Google Search Console (previously called Google Webmaster Tools) and click on Crawling >> Fetch as Google. In the next step, enter the URL (1) and select Fetch and render (2).

Figure 7: Render URL in the Search Console

Figure 8: Test the website in the Google Search Console

The new Google directive also applies to mobile devices. You should therefore test the URL on your smartphone or in the Search Console as well. To do this, simply click on Fetch as Google and select Smartphone from the dropdown menu.

Figure 9: Visit using Google Mobile

After Google has processed the URL, you can see if the notification on the cookie directive is also displayed on mobile devices.

Figure 10: The EU cookie directive must also be observed on mobile devices

Conclusion

There is still a little more time before the new EU cookie directive takes effect. However, even though the implementation is very easy, and can be performed through WordPress with just a few clicks, one should still not underestimate the required lead time, especially for large websites.

Although Google has not provided concrete information about what will happen to websites that will not have implemented the guideline by September 30th, 2015, everyone should still avoid having to find out by risking their own website.

Below are several useful links you can include in your email to IT:

EU Cookie Hint for Typo3
Frequently asked questions (Google)
http://www.cookiechoices.org/intl/en/