EU Cookie Law about face
Believe it or not, the ICO have done virtually a complete about face on the EU Cookie Law!
The change seems fairly slight at first glance. In a new document providing guidance on the now-enforceable law, the ICO state that it is valid to assume that visitors to your website have already given consent for you to place cookies on their PC. They refer to this as implied consent, and state that it has been valid concept with data protection and privacy, so should also be a valid concept with regard to cookies.
To be honest, as soon as they backed down on the use of Analytics cookies, the writing was on the wall for this legislation in the UK. There is a strong suspicion that other EU countries were being less stringent about applying the letter of the law, and thus UK businesses would be at a significant disadvantage.
So no action is needed?
Actually, that’s not strictly true. Whilst ‘Implied Consent’ is now a valid defence for not asking to store cookies in the first place, you still need to have a privacy policy that explains how your site gathers cookies and what it does with the information. That policy also needs to be easily accessible.
But that’s a whole lot easier to implement than the alternative!
Stay tuned
This blog has been created outside of my normal schedule as I wanted to get the news to you as quickly as possible. However, I’ll be exploring this topic in more detail in the next week or so.
Recent comments