News

Cookie law will be ‘phased-in’ over 12 months

Despite becoming EU law at midnight, the UK Government has said the new directive for internet cookies will not come into force ‘overnight.’

25 May 2011

The UK Government has decided new cookie laws from the European Union (EU) will be phased in rather than implemented on deadline, giving businesses one year to comply.

The EU's Privacy and Electronic Communications Directive will come into force at midnight tonight and states internet users must give their consent before cookies store their web surfing activity.

However, communications minister Ed Vaizey said the UK will take its time implementing technologies to deal with the change, rather than prosecuting companies immediately for not abiding by the rules.

"This Europe-wide legislation will ultimately help improve the control that individuals have over their personal data and help ensure they can use the internet with confidence," he said.

"But it will take time for workable technical solutions to be developed, evaluated and rolled out, so we have decided that a phased in' approach is right."

The main issue the Government has is with default browser settings, which it claims "do not meet the requirements of the directive as they stand." To this end, it has formed a group to work with browser manufacturers to find a "workable solution."

However, it has stated there will not be any enforcement from Government on technical answers as "the industry is much better placed to develop these."

Once the UK begins abiding by the legislation, it will be the Information Commissioner's Office (ICO) taking control of enforcing penalties.

Although the Information Commissioner, Christopher Graham, said he would be giving everyone 12 months to "get their house in order," he also said this didn't mean the ICO would "let everyone off the hook."

"Those who choose to do nothing will have their lack of action taken into account when we begin formal enforcement of the rules," he added.

Some privacy groups have been positive about the new directive, but others don't think it has gone far enough.

Jim Killock, director of the Open Rights Group, said: "Today's advice from DCMS shows that the UK has no intention of implementing any form of meaningful consent for tracking from advertising companies."

Quoting Vaizey, he said the Government was siding with advertisers in saying it wasn't always "practical to obtain consent before processing."

"That is, basically, forget it. Consent is impractical, so is implied by your browser settings when you permit cookies, so you've agreed to be profiled."

Check back with IT PRO later this week for an in-depth feature on how the new directive could affect your business.