Here, then, is a review of some of the WordPress plug-ins I’ve tested. All reviews state the plug-in version so you can see if they’ve been updated since I looked at them.
Worth noting that I’m not going to comment on whether or not each plug-in actually satisfies the legislation. Many take the easier “implied consent” approach and people have differing opinions on this so I’ll leave it up to you to find the solution that best fits your needs. As always, I am not a lawyer! My focus here is on the usability and accessibility of the solutions.
UK Cookie Consent
Version 1.31 – download
There are a couple of accessibility issues – the links come last in the tabbing order and do not change state on focus, so it’s harder for a keyboard user to use the links. I’ve contacted the developer to see if they can fix these.
Version 1.5 – download
Civic UK’s Cookie Control plug-in is interesting because you can tailor it to obtain different types of consent, depending on how you wish to comply with the legislation – whether seeking implicit or explicit consent, or just providing info about cookies. You can customise the content and appearance of the message, which pops up in the bottom right or left of your site.
One issue I noticed was that although the pop-up appears when you first arrive on a page, it’s hidden by default on subsequent pages. You have to change it from “implied” consent to “explicit” consent to change this. It also fades away after a few seconds, although you can bring it back by clicking the small icon that remains in the corner at all times – this means that it technically passes WCAG’s timing requirements, and you can increase the time that will elapse before it disappears, if you’re worried.
The pop-up does appear first in the tabbing order, which is good, but the links don’t change state on focus, so a keyboard user could easily miss the links.
Cookie Law Info
Version 1.0.2 – download
This one is interesting because you can upload the details of each of your site’s cookies and automatically generate a table of them on any page using shortcodes. This makes presenting accurate info about your cookies much easier.
The message appears in a thin box at the bottom (by default) or top of your site. You can customise everything from the text and links to the colours and fonts. You can also give it a subtle animated effect on load, helping to draw attention to it. Sadly there doesn’t seem to be an option to keep the message on the screen at all times when placed at the top – it appears inline and disappears as soon as the user scrolls down.
There’s an option to retain a “show again” tab after the user has dismissed the main message – this is a nice touch but not really necessary and just gets in the way, so you’ll probably decide to turn this off.
By default, the “read more” link opens in a new window, but you can change this is the settings. The bar is first in the tabbing order, but the links don’t change state on focus, so a keyboard user could easily miss the links.
Version 1.0.5 – download
This one takes a far more direct approach, presenting the user with an intrusive pop-up which they must respond to (either accepting or denying cookies) before they can access the website.
This approach was adopted by a small number of sites early on, but quickly abandoned by most as having a serious impact on usability. Arguably this is one of the only ways to truly guarantee the informed, explicit consent of a user before a cookie is saved, but I’d consider the negative usability impact to be too great to justify this approach. Indeed, if all EU websites did this, the web would fast become a very frustrating place to be.
In terms of accessibility, luckily you can tab straight to the pop-up, but the lack of a distinct focus state, as with all the previous solutions, is an issue.
Version 1.2.5 – download
This one has a couple of interesting features which set it apart from other solutions.
Firstly, you can ask for permission for different types of cookies – for example, you might accept functional cookies but deny advertising cookies. This level of control is really useful, but I do have doubts about how many users will really understand the differences, even with the short explanations that the plug-in presents.
But the other feature which I liked was that the plug-in instructions and settings constantly refer to the EU directive, reminding the site owner that it’s up to them to make sure they are compliant. For example, you can choose to make the various types of cookies automatically available until the user opts out, but the instructions clearly remind you to “remember the rules!!!”. I like this approach because it strikes a good balance and allows the site owner to decide how strict they want to be.
Unfortunately the pop-up appears last in the tabbing order, and (again!) has no change of state on focus. Also, once minimised, the button to re-open the pop-up is a rather amateurish graphic of a cookie. I certainly wouldn’t want this appearing on any of my sites, although I think you can apply different skins.
Just in these 5 solutions, it’s clear that there are a huge variety of approaches to complying with the directive. It’s also clear that there continues to be significant accessibility pitfalls in implementing a solution, with keyboard users particularly disadvantaged.
For now, I’ve chosen the Cookie Law Info plug-in which is relatively unobtrusive but persistent until the user dismisses the message - a good compromise. Hopefully with a little tweaking of the CSS, I can solve the remaining accessibility issues. And with a bit of luck (and pestering), I hope the developers of these solutions will take my lead in doing the same.
What solution have you chosen, for WordPress or any other site? Are you worried about its impact on your site’s accessibility. Get in touch if you’d like me to take a look – I can offer anything from a brief summary to a full audit.