Feeds

UK cookie law compliance takes effect today

Web operators, put down your BBQ forks! The ePrivacy Directive is here

Intelligent flash storage arrays

From today the UK's Information Commissioner's Office will begin enforcing the EU's revised ePrivacy Directive that requires website owners to be upfront with their users about the information they collect.

The so-called cookie law was implemented on 25 May 2011 by Brussels officials, but getting the legislation transposed locally within the 27 member-states of the European Union has proved to be tricky, perplexing, disruptive, confusing and a bit of a mess, really.

Here in Blighty, the government made the decision to effectively free up web owners from the burden of complying to the directive by deferring policing of the law for one year. The law requires sites within the EU to obtain a visitor's consent before they install a cookie in their browser.

Time has now run out and from today the Information Commissioners Office will be enforcing the law and fining those web operators that are found to have violated the rules. A penalty of up to £500,000 could be imposed against those that fail to comply.

But the data protection watchdog has signalled it would take a gentle approach to enforcement and pointed out that very few companies would be slapped with a hefty fine for non-compliance.

The ICO's Dave Evans said yesterday:

We’ve been saying that we expect organisations to be on the path to compliance – which means that UK websites must provide visitors with sufficient information to make a decision on whether they are happy for a cookie to be placed on their device and obtain consent before placing a cookie.

The regulator has an updated version of its guidance for compliance here. It's probably worth reading between bites of ketchup-smeared cow. ®

Choosing a cloud hosting partner with confidence

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.