Feeds

Want to avoid another cookie law mess? Talk to EU bods next time

'Dear ICO, sue us ... We're sick of you and this ridiculous cookie law'

The essential guide to IT transformation

UK businesses should actively involve themselves in the debate over changes to EU law if they want to avoid problems stemming from the way those laws are drafted, an expert has advised.

Technology law specialist Luke Scanlon of Pinsent Masons, the law firm behind Out-Law.com, said that businesses can help law makers avoid putting "burdensome" requirements on them if they make their views on plans to reform EU law heard.

Scanlon was commenting after a UK software firm stripped its websites of "cookies solutions" and called on the UK's Information Commissioner's Office (ICO) to "sue" it for non-compliance with the Privacy and Electronic Communications Regulations (PECR). Silktide created a dedicated website promoting its non-compliance where it announced that it was "sick" of the ICO and "the ridiculous cookie law".

Cookies are small text files that record internet users' online activity. In 2009, the EU's Privacy and Electronic Communications (e-Privacy) Directive was changed to state that storing and accessing information on users' computers would only be lawful "on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information ... about the purposes of the processing".

Consent must be "freely given, specific and informed". An exception exists where the cookie is "strictly necessary" for the provision of a service "explicitly requested" by the user – for example, to take the user of an online shop from a product page to a checkout.

The EU laws were implemented in the UK through amendments to PECR last year and the ICO was tasked with enforcing the new law and handed the power to fine those that failed to comply up to £500,000.

However, website operators have bemoaned the lack of a single practical solution that meets the standards for compliance but which is also easy to implement and results in an unobtrusive browsing experience for internet users. The ICO has issued guidance outlining a number of solutions website operators can implement to comply with the cookie consent requirements.

Silktide, though, said that although it had "tried" to comply with the law doing so had been a "tragic waste of time". It described the law as appearing to be "nothing but hot air".

"Dear ICO, sue us," the message on the Silktide-operated nocookieslaw.com website reads. "We're sick of you and this ridiculous cookie law. So here's an ultimatum. We've taken all our cookies solutions off all our websites. The evil cookies are back, and the pointless slidey warning messages are no more. We tried. We even wrote an open source solution to the cookie law used by 5,000 sites. But the truth is it's a tragic waste of time."

"Presumably we now fly in the face of the law you are sworn to uphold. Please, please do your worst. Send in a team of balaclava-clad ninjas in black hawk helicopters to tickle us to death with feather dusters," the company said. "The idea of this law is a noble one, it's just a shame it was drafted by a team of technically illiterate octogenarians who couldn't find a button on a mouse."

Luke Scanlon said that the most interesting thing on the nocookieslaw site had been comments posted by users.

"The comments indicate that there continues to be a real lack of understanding of how laws are made in the UK and what powers regulators and even the UK Government possess," he said. "The cookie law is an EU imposed requirement. Neither the UK Government nor the ICO have any power to ignore or change it on their own, however burdensome it may be, so long as the UK remains in the EU and chooses to honour its commitments as an EU member state. It is interesting that the users, who seem to be web designers, web developers and digital consultants appear to be largely ignorant to this fact."

"It really is a reminder that businesses need to pay more attention to the development of EU laws at the negotiation stage rather than after the fact. The proposed data protection regulation which will have a greater impact in terms of compliance costs and consequences is a pertinent example," Scanlon said.

"Businesses should be engaging in preventative legal care now by seeking to influence policy and ensuring that the UK's EU representatives are provided with focused empirical economic evidence which builds a case for regulation that supports rather than hinders the interests of UK businesses and the wider economy," the expert added.

A review of the cookies laws due to be published by the ICO in November will feature nocookieslaw, a spokesman for the watchdog said, according to a report by the BBC.

"We welcome any opportunity to help us draw attention to this matter, as a key part of our work in ensuring compliance with the cookie law has been making businesses aware of the regulations," the ICO spokesman said.

Copyright © 2012, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

5 things you didn’t know about cloud backup

More from The Register

next story
Hello, police, El Reg here. Are we a bunch of terrorists now?
Do Brits risk arrest for watching beheading video nasty? We asked the fuzz
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
NBN Co claims 96 mbps download speeds for FTTN trial
Umina trial also delivers 30 mbps uploads, but exact rig used not revealed
True fact: 1 in 4 Brits are now TERRORISTS
YouGov poll reveals terrible truth about the enemy within
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
Felony charges? Harsh! Alleged Anon hackers plead guilty to misdemeanours
US judge questions harsh sentence sought by prosecutors
This'll end well: US govt says car-to-car jibber-jabber will SAVE lives
Department of Transportation starts cogs turning for another wireless comms standard
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?