Vaizey: cookies may not need "prior" consent

 

Gallery

By Nicole Kobie

Posted on 25 May 2011 at 09:58

The Government has sparked further confusion over the new cookie regulations, claiming websites may not need to gain "prior consent" before dropping them on users' PCs.

Last night the Department for Culture, Media and Sport (DCMS) issued an open letter on the UK's implementation of the new EU e-privacy regulations, signed by Culture Minister Ed Vaizey, only a day before the new rules supposedly come into force.

The new laws require websites to ask for user consent when dropping cookies onto computers, except when the cookie is required directly for the service being used - such as online checkouts.

However, Vaizey's letter said the EU rules do not necessarily require "prior consent".

"Crucially, there is no definition as to when that consent may be given, and so it is possible that consent maybe given after or during processing," the letter said.

The DCMS admitted that "in its natural usage 'consent' rarely refers to a permission given after the action," but said that it recognises that it may be "impracticable to obtain consent prior to processing".

Browser settings

The DCMS letter also said the Government was continuing to work with browser makers in the hope that browser settings could be used to show consent.

Previously, The Information Commissioner's Office had said settings in existing browser versions wouldn't be enough to satisfy the rules.

The letter claims the "UK approach" has been to copy the EU regulations word for word, including aspects "which consider that browser settings may give consumers a way to indicate their consent to cookies".

There is no definition as to when that consent may be given, and so it is possible that consent maybe given after or during processing

While it stresses that other technical methods to get consent are not "ruled out", it says the Government will "continue to work with browser manufacturers to see if browsers can be enhanced to meet the requirements of the revised directive".

However, the ICO reiterated today that, in the meantime, browser settings wouldn't be enough to meet the rules. “Browser settings giving individuals more control over cookies will be an important contributor to a solution," said Information Commisioner Christopher Graham. "But the necessary changes to the technology aren’t there yet."

No fines yet

Despite the mixed messages, website owners need not panic, as the ICO said it wouldn't fine sites for the next year for failing to meet the regulations.

The ICO said it will lead by example by putting a banner on its site explaining how it uses cookies, but said not all websites necessarily need do the same.

"Every website is different and prescriptive and universal ‘to-do’ lists would only hinder rather than help businesses to find a solution that works best for them and their customers," he said.