“Cookie audits” resurfaced as a major topic shortly after the United Kingdom’s Information Commissioner’s Office (ICO) recommended that such audits become a regular part of a company’s privacy compliance efforts.
A cookie audit should inform website operators about the:
- presence of cookies on a website
- purpose and use of each cookie including the cookie’s involvement with processing of personal data
- values, data, lifespan and other attributes linked to each cookie
- proper categorization of each cookie such as required, functional or advertising
- classification of each cookie as first or third party
Further details about the ICO’s guidance on cookies can be found in the UK ICO and French CNIL Cookie Consent Privacy Compliance Update Advisory and the Cookie Crack Down Webinar.
Every website is unique, but cookie audits do not need to be a difficult exercise for companies wanting to address consent requirements from the GDPR, CCPA, and other regulations. The TrustArc Website Monitoring Manager enables companies to perform cookie audits starting with a deep website scan. The results can be integrated to the cookie consent notice and downloaded as a report to be shared with others.