I’ve been on record a number of times saying that I think the EC Directives relating to cookies are fundamentally flawed. We could make a parallel with the current UK/EU Euro ‘situation’ but let’s not go there. In the UK the Information Commissioner’s Office (ICO) has a duty to enforce these directives and, as they say, “This isn’t going away. It’s the law.”
Yesterday the ICO released its updated guidance for UK website owners. You can download the PDF from the link in the news release.
Given the tough task of interpretation, guidance and enforcement that is the ICO’s duty, I have to say that I think this document is a valiant and comprehensive effort given the task and I’d commend them for this. I would urge you to read it for the full details. It is clearly written and quite practical.
Below are some of my initial thoughts on reading this latest guidance.
Although businesses have an extra year to chew on it, barring a miracle, they'll eventually have to figure out what the updates to Regulation 6 of the UK's Privacy and Electronic
Communications Regulations 2003 mean and how to make sure they're adhered to.
Those updates, of course, require that users provide "consent" for the placement of a cookie on their machines.
Wondering how your business will address the new law that requires users
to opt in to cookies? There's good news: you can procrastinate.
That's because the ICO, perhaps facing the reality that the new law is
fatally flawed, has decided to give everyone amnesty (as the Telegraph
calls it) for violating the law over the course of the next year.
If the Information Commissioner's Office has its way, cookies will soon be a lot less tasty to website operators.
websites in Regulation 6 of the UK's Privacy and Electronic
Communications Regulations 2003 will be updated in to require that a
user "has given his or her consent" to the placement of a cookie in
accordance with a new European Directive.