Opt-in cookie rule proposed for Britain

The information commissioner is opposed to the use of cookies without advertisers gaining an individual's consent
Written by Wendy McAuliffe, Contributor

The Office of the Information Commissioner has pledged its support for opt-in cookies, despite a recent u-turn on such standards by the European Union.

Electronic tags, known as cookies, can be used to track an individual's movements on the Internet for a number of years. The information commissioner is concerned that the unauthorised use of such intrusive technology could breach data protection principles within the UK.

"If organisations are going to put lots of computer code on a machine that tracks a person's movements online, individuals should be told about it," said Iain Bourne, strategic policy officer to the information commissioner. "This shouldn't be happening until they have agreed to it."

In November, the European Parliament voted in favour of a proposal to restrict the use of cookies before a user's consent has been obtained. The move was opposed by the Interactive Advertising Bureau (IAB) who warned that British companies could lose £187m if the directive was ratified. In December, the European Telecom's Council back-tracked on the amendment for opt-in cookies. The EU position on electronic data collection and privacy is yet to be clarified.

Cookies are small pieces of code used mainly by commercial Web sites to track users' behaviour online. They are downloaded to browsers and used to recognise and authenticate users when they return to a Web site so they don't have to log in every time. The electronic tags are also able to hold personal information such as passwords for custom e-tail services, and Web-based email.

"An individual's agreement is the best basis for doing anything. Whatever happens in the EU, this will remain our position," said Bourne. The Office hopes that within time, opt-in cookies will become a pan-European standard.

The Office will await the pending European vote on the draft directive before deciding on a cookie standard for the UK. "We have our own views under the Data Protection Act, which we are responsible for enforcing," said Bourne. "We cannot legally enforce things that are not in statute, but we can take our own view on good practice regardless."

E-commerce is transforming business around the globe. Get the latest headlines at ZDNet UK's E-commerce News Section.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet news forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards