The lead in period for compliance expired in May 2012 but 4 years on and many websites are still not cookie compliant.
The ICO is currently free to consider using its enforcement powers to compel compliance, and the maximum fine for the most serious cases of non-compliance is £50,000.
Current Rules on Cookies
The use of cookies is only allowed if the user concerned:
- Has been provided with clear and comprehensive information about the purposes for which the cookie is stored and accessed.
- Has given consent.
What Websites Should Have Done by Now
As a minimum, website owners should now be able to show that they have taken steps towards compliance, including: -
- Carrying out a cookie audit to check what type of cookies they are using and how they are using them.
- Assessing how intrusive those cookies are to the user’s privacy.
- Deciding how best to obtain consent.
The more that cookies intrude into a user’s privacy, the important (and urgent) it is to be addressing this issue, and the more important to be prominently providing information about those cookies and obtaining meaningful consent.
Should you wish to discuss your cookie policy requirements together with web-related privacy policies and acceptable use policies, please do not hesitate to contact BakerLaw’s Head of Company and Commercial Jonathan Craig at jonathan.craig@baker-law.co.uk or 01252 730 754 to discuss further.
Comments