ICO surprises with last-minute cookies changes
By Nicole Kobie
Posted on 28 May 2012 at 10:32
The Information Commissioner has surprised web admins by rolling out changes to how it views the cookies law the day before an enforcement deadline.
The law - the result of an EU directive regarding online privacy - requires websites to get consent before dropping cookies and other tracking technologies onto users' computers. It came into law last year, but the ICO gave websites a year's grace before enforcement started.
However, a day before enforcement was due to start, the ICO revealed it would consider "implied consent" to be good enough - meaning sites can simply tell users that by continuing to use the site, cookies will be used.
"Implied consent is a valid form of consent and can be used in the context of compliance with the revised rules on cookies," said Dave Evans, head of business policy, in a post on the ICO site. "If you are relying on implied consent you need to be satisfied that your users understand that their actions will result in cookies being set. Without this understanding you do not have their informed consent."
Find out moreFor more on cookies, read our policy here
The data watchdog has issued limited guidance on how to meet the law, saying it doesn't want to tell companies what to do. "We’ve stressed that there’s no ‘one size fits all approach’," Evans said. "We think that organisations themselves are best placed to develop their own solutions. They will know how and why their customers use their websites better than we do."
Implied consent appears to be a popular tactic for many websites. As well as PC Pro, sites such as the BBC, The Sun, and The Guardian are also running banners advising users that use of the site means cookies will be dropped.
While the move will probably be welcomed by many websites, the timing led to some complaints.
"This is a striking shift," Stephen Groom, head of marketing and privacy law at the law firm Osborne Clarke, told The Guardian. "Previously the ICO said that implied consent would be unlikely to work. Now it says that implied consent is a valid form of consent."
"Cookies law changed at 11th hour," said one Twitter user. "All that work last week was really worth it. Thanks ICO."
"Let's all get a box of cookies sent to the ICO to thank them for their capriciousness," added another Twitter user.
The ICO has made it clear it has no plans to unleash a "torrent of enforcement action" against sites, especially those working to meet the law, and that it won't be doling out fines.
Is your business a social business? For helpful info and tips visit our hub.
Fast Forward to the Past
EU Law: Cookie compliance states that permission MUST be obtained from users BEFORE cookies are used IF THEY ARE NOT IMPERATIVE FOR OPERATION OF THE WEBSITE VISITED.
This was to strengthen privacy law and data law where businesses track and obtain personal data.
Computers are so refined now that they can tell who is on line by the way they type, the phrases used and mannerisms of the content. Yes... they now can tell one individual from another by the "personal footprint".
Facebook Google and others attempt to say "If a person has nothing to hide, they tend to become less obvious, like many birds in a flock".
Putting statements or photographs on line, may warrant a future boss to take a tainted viewpoint.
There are many flaws to this extroversion, such as Identity Theft and the possibilities of future secularism.
There are supposed to be laws to protect privacy, but no law exists to erase any "recorded activity", no matter for how long the data is stored. One strong opt out clause is "Collected data is for HISTORICAL PURPOSES and exempt deletion".
For the ICO not to understand that they ARE supposed to ENFORCE REGULATIONS proves they are not fit for purpose. At worst they may be perverting the course of EU Justice.
By lenmontieth on 28 May 2012
Claude Shannon's theory of communication says that no information can be passed through a channel with 50 per cent random errors, as best I recall.
Considering the ICO's about-turn, I would think that, in terms of their ability to express coherent policy, they have now reached that 50 per cent, and may as well be disconnected from our input channel.
By fogtax on 31 May 2012
- CeBit 2014 diary: Cameron comes to town
- The 5 most interesting UK businesses at SXSW
- Quickest way to upload 1GB? Hop on a train
- Move over Delia: IBM Watson is cooking tonight
- Eric Schmidt on the double-edged smartphone: friend and foe
- Getty joins the race to the bottom
- Hour of Code: five steps to learn how to code
- Sony Xperia Z2 Tablet review: first look
- Sony Xperia Z2 review: first look
- Samsung Galaxy Gear 2 review: first look
- Headings vs headers: how to use both in Word
- Windows Server 2012 R2: how the Datacenter edition could change SMBs
- Invoices and VAT: how to set up your documents correctly
- Nexus 5 vs Samsung Galaxy S4 Active: the best phone for avoiding screen burn
- How much is a social user worth?
- The key to choosing a secure password
- Thunderbolt Bridge: a fast Mac migration tool
- Should you advertise on Twitter?
- How to track a lost smartphone
- Self-publishing success: the best way to sell your book