ICO ticks websites off over cookie compliance
By Maggie Holland,
UK firms' compliance with the latest laws on the collection and use of web cookies leaves a lot to be desired, the Information Commissioner's Office (ICO) has warned.
The revised Privacy and Electronic Communications Regulations came into force on 26 May this year, but businesses are allowed a certain period of grace to get up to speed. However, even with that grace period, many aren't acting or are doing so wrongly.
Many people running websites will still be thinking that implementing the law is an impossible task. But they now need to get to work.
To remedy the situation and ensure website owners are fully following the relevant rules and regulations, the ICO has issues guidelines as to what to do, although it has stopped short of being too prescriptive.
“Our mid-term report can be summed up by the schoolteacher’s favourite clichés 'could do better' and 'must try harder.' Many people running websites will still be thinking that implementing the law is an impossible task. But they now need to get to work. Over the last few months we’ve been speaking to and working with businesses and organisations that are getting on with it and setting the standard. My message to others is – if they can do it, why can’t you?" said Information Commissioner Christopher Graham.
“Some people seem to want us to issue prescriptive check lists detailing exactly what they need to do to comply. But this would only get in the way and would be too restrictive for many businesses and organisations. Those actually running websites are far better placed to know what will work for them and their customers.”
ICO guidance is available on a number of topics, from adding clarity as to what constitutes consent, which cookies might be exempt from the new rules and third-party cookie management. Full details can be found on the ICO website (PDF download).
"The guidance we’ve issued today builds on the advice we’ve already set out, and now includes specific practical examples of what compliance might look like," Graham added.
"We’re half way through the lead-in to formal enforcement of the rules. But, come 26 May next year, when our 12 month grace period ends, there will not be a wave of knee-jerk formal enforcement actions taken against those who are not yet compliant but are trying to get there.”
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- UK regulator shuts down Angry Birds scam
- Apple iPad 3 vs iPad 2 head-to-head review
- IBM bans use of Siri on iPhones
- Chromebooks: What's gone wrong?
- HP plans massive job cuts
- EMC World 2012: Tucci declares Documentum is here to stay
- Dell EqualLogic PS6100XS review
- Macs and Android under malware threat
- RIM loses its head of sales
- Local fibre broadband needs common standards
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
