ICO publishes advice on cookie law

ICO publishes advice on cookie law

Summary: Businesses should gain consent before placing cookies on customers' computers, according to new advice from the Information Commissioner's Office

TOPICS: Security, Legal

Businesses should gain user consent for cookies that collect statistical information or remember user preferences, according to the UK privacy authority.

ZDNet UK app

ZDNet UK app for iPhone and Android devices

It's small, it's simple, it's multi-platform. The ZDNet UK app is now available for download from the App Store and Android Market.

Read blog +

The advice was included in the Information Commissioner's Office's (ICO) cookie law guidance (PDF), published on Monday. Businesses cannot yet rely on consent via browser settings, so must find alternative ways of gaining consent for cookies that store information on users' machines, the advice stated.

The cookie guidance is for compliance with UK regulations that will come into force on 26 May. The law will not be enforced right away, but businesses need to take steps now to ensure future compliance, the ICO said.

"We want people to be moving towards websites being compliant, but measures don't have to be in place by 26 May," an ICO spokesman told ZDNet UK on Monday.

Changes to terms and conditions to gain user consent may only be compliant if websites also explicitly ask users for consent to use cookies, the guidance states. According to the ICO spokesman, the office will publish guidance on enforcement action "in the coming weeks".

Although the European Union set a deadline of 25 May for the implementation of its new web-tracking rules, and the UK transposition of those rules is supposed to take effect the following day, the Department for Culture, Media and Sport (DCMS) said in April that enforcement would be delayed "in the short term" while technical solutions are established for the gaining of consent.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.

Topics: Security, Legal

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Now if I decide not to have cookies I wonder how they will store that choice.

    What's the easiest way to do that?
    Ah yes store the choice in a cookie on the users machine.
    Oops cant do that.
    So every time I access a page on that web site I'll be asked the question again?
    That's dumb.