The ICO's cookie law has been, for many companies, a major headache. After being given an extra year to find compliance solutions -- an acknowledgment that complying wouldn't necessarily be painless -- companies were finally forced to implement them.
Those that don't could find themselves facing steep fines, and in an effort to show that it's serious about enforcement, the ICO earlier this year indicated that it would be contacting 50 high-traffic UK websites about their compliance.
But for at least one company, software vendor Silktide, the threat of fines and legal action aren't enough. And it has a message for the ICO: "We're sick of you and this ridiculous cookie law."
To prove its point, the company, which is registered in England and Wales, claims it has taken away the solution it implemented to be compliant with the cookie law and is encouraging the ICO to take action. On its website, nocookielaw.com, the company writes:
Presumably we now fly in the face of the law you are sworn to uphold. Please, please do your worst. Send in a team of balaclava-clad ninjas in black hawk helicopters to tickle us to death with feather dusters. Just do something.
According to the company, the idea behind the cookie law "is a noble one" but it was unfortunately created by "technically illiterate octogenarians who couldn't find a button on a mouse." As Silktide sees it, companies like Google and Facebook are a much bigger threat to privacy, yet they haven't been nearly as inconvenienced by the ICO's cookie law. To boot, Silktide believes that consumers "don't give a flying monkey cluck" and Silktide's founder suggests that the invasive prompts seen on compliant websites actually "piss off users."
To get the ICO's attention, nocookielaw.com provides a link to file a complaint with the ICO. If enough people complain, it hopes the ICO will get in touch.
Fighting the good fight
Will the ICO respond to Silktide's taunts, and if so, how? Time will tell. If the ICO doesn't address the fact that a UK company is intentionally violating the cookie law, it will confirm what many already believed: that the law is a farce and enforcement will generally be toothless as a result. If it does indulge Silktide, its handling of the situation will obviously be on display for all to see.
Either way, Silktide believes it's fighting the good fight and lest anyone suggest that it's not contributing constructively to the privacy debate, has published a "modest proposal" of its own for helping users find the privacy policies of the sites they use.
Fixing what's beyond broken
It will be interesting to see the outcome of Silktide's challenge to the ICO, but whatever that is, one thing won't change: the fatally-flawed nature of the cookie law. Even if the ICO delivers a painful blow to Silktide to send a message that it's serious about enforcing the law, there is no evidence that the law is truly protecting consumers.
The ICO simply can't identify every violator of the law, nor can it punish companies outside of its jurisdiction. And when it comes to true privacy, enforcement of laws like these ignore the real threats, such as insecure storage and sharing of personal data, that will never be easily prevented or policed.