COOKIES AND CONSENT
Check Your Website
Website owners should audit their websites for compliance by checking what type of cookies are used and how. Consider whether or not the “necessary” exception applies. Also, do not forget that third parties placing content on your website i.e. advertisements may be setting cookies.
How to Obtain Consent
A few weeks ago the UK Information Commissioner published guidance on how to comply with the new laws.
It was suggested that consent could be obtained via:
• pop-ups, or
• text in a header or footer on pages of the website, or
• inclusion in preferences that users set when using a website.
Relying on browser settings is not acceptable, as currently there is no adequate technical solution for browsers that is acceptable. This position could change in the future.
Consequences of Non-Compliance
Until May 2012, the Information Commissioner’s Office (ICO) will not penalise an organisation for breaches of the new laws. However, organisations should be taking steps now to ensure compliance, as failure to take appropriate steps now will be taken into account when formal enforcement begins in May 2012.
Penalties for Breach
The ICO can impose a fine of up to £500,000 for a serious breach. A serious breach is defined as a serious contravention likely to cause substantial damage or distress. The breach must have been deliberate, or the person responsible must have known or ought to have known that a breach would occur and then failed to take reasonable steps to prevent it.
The ICO plans to provide further details on this in October 2011.
Learn more about Irene Bodle