Updated on 14.11.2018: This module now addresses the General Data Protection Regulation (GDPR) that came into effect 25th May 2018, as same as the EU Directive on Privacy and Electronic Communications from 2012.

The Drupal module available for download here was built to make it easier to comply with the EU Directive on Privacy and Electronic Communications. The module can be used in any EU country that enforces this directive. In the UK the law comes into effect on 26th May 2012. From that date on, if you are not compliant or visibly working towards compliance, you run the risk of enforcement action which can include a fine of up to half a million pounds for a serious breach.

This module provides:

  • customisable notifications in the form of pop-ups that inform visitors that cookies are being used on the site. Those alert visitors that further browsing means giving consent to setting cookies.
  • an option to place the notifications at the top or at the bottom of the website.
  • a javascript function that can be used to conditionally set cookies.
  • a link to information page on which information about cookies should be presented to the visitor (the page will be specific to each site and hence should be created by the user).

This module does not provide:

  • prevention of cookies being set on the site

This module can be viewed as the first major step in working towards compliance with the above mentioned directive and it should not be viewed as a full solution. After enabling this module all cookies are still being set and hence simply installing this module may not make your site fully compliant. In order to fully comply a full audit of cookies may be necessary. Some of the cookies that are required for your site to function properly such as session cookies are exempt from the regulation. However, if your site does set cookies that require prior consent from the visitor (i.e. third party tracking cookies) you should amend your code and set the cookies conditionally only after consent is given.

Installing this module will however demonstrate to the regulator that you, as the owner of the website:

  • are doing as much as possible to reduce the amount of time before your visitors receive information about cookies (information appears as soon as a visitor enters the site)
  • are providing your visitors with options. (find out more about cookies, do not browse if you disagree)
  • ensure that the information on cookies is readily available to your visitor.(visible pop-up at the bottom of the screen)
  • are visibly working towards compliance (even if you do not perform a full cookie audit, it’s clear that some effort has been made)

The information above was taken from ICO – the UK regulator for the EU directive. Please refer to the full guidance from ICO that is available here

Module page: EU cookie compliance