TrustArc Blog

Cookie Audit — Ready to Perform One Today?

August 29, 2019

“Cookie audits” resurfaced as a major topic shortly after the United Kingdom’s Information Commissioner’s Office (ICO) recommended that such audits become a regular part of a company’s privacy compliance efforts.

On July 3rd, the ICO announced that it had published a new, detailed guidance covering the use of cookies and similar tracking technologies on websites and other terminal equipment. As part of this guidance, the ICO emphasized the importance of performing comprehensive cookie audits to detail what cookies are being used on a website and to discern which of them comprise “strictly necessary” first and third party cookies versus those which do not. 

A cookie audit should inform website operators about the:

  • presence of cookies on a website
  • purpose and use of each cookie including the cookie’s involvement with processing of personal data
  • values, data, lifespan and other attributes linked to each cookie
  • proper categorization of each cookie such as required, functional or advertising
  • classification of each cookie as first or third party

Further details about the ICO’s guidance on cookies can be found in the UK ICO and French CNIL Cookie Consent Privacy Compliance Update Advisory and the Cookie Crack Down Webinar.

Every website is unique, but cookie audits do not need to be a difficult exercise for companies wanting to address consent requirements from the GDPR, CCPA, and other regulations. The TrustArc Website Monitoring Manager enables companies to perform cookie audits starting with a deep website scan. The results can be integrated to the cookie consent notice and downloaded as a report to be shared with others.