ICO to enforce cookie law from this weekend

ICO to enforce cookie law from this weekend

Summary: UK data protection authorities will start to enforce a year-old cookie law from this weekend.UK organisations must be able to show they are making efforts to get consent for placing tracking programs called 'cookies' on web visitors' computers and devices from Saturday.

SHARE:
TOPICS: Security
0

UK data protection authorities will start to enforce a year-old cookie law from this weekend.

UK organisations must be able to show they are making efforts to get consent for placing tracking programs called 'cookies' on web visitors' computers and devices from Saturday. The Information Commissioner's Office (ICO) will begin to enforce complaints about cookie use from 26 May.

The data protection watchdog has contacted 50 organisations including Apple UK, Facebook and Google, to quiz them on their use of cookies, according to the ICO.

Amazon, BBC News, Everything Everywhere, and Microsoft were among the organisations that were contacted. The list of organisations was published in 'related items' at the bottom of a blog post on Friday by Dave Evans, ICO group manager for business and industry.

"We expect organisations to be on the path to compliance — which means that UK websites must provide visitors with sufficient information to make a decision on whether they are happy for a cookie to be placed on their device and obtain consent before placing a cookie," Evans said.

The ICO has given organisations a year's grace to comply with the Privacy and Electronic Communications Regulations (PECR), which updated the UK stance on cookies. The letter gave organisations 28 days to inform the ICO of efforts made to comply.

"If your organisation has not yet achieved compliance, please provide an explanation about why it has not been possible to comply within time, a clear timescale for when compliance will be achieved, and details of specifically what work is being done to make that happen," ICO PECR enforcement manager Dave Clancy said in the letter.

The letter said that non-compliant organisations faced enforcement notices and the possibility of fines of up to £500,000. However, both information commissioner Christopher Graham and deputy information commissioner David Smith have said that fines were very unlikely.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion