Feeds

UK cookies cop changes own policy to ‘implied consent’

Information Commissioner’s Office says deadly threat to privacy now well understood

Build a business case: developing custom apps

The UK Information Commissioner’s Office (ICO), the agency charged with implementing the EU’s ePrivacy Directive insisting web publishers tell their readers about how they use cookies, has changed its own cookie policy to one of implied consent rather than asking visitors to its website to formally opt in to receiving cookies. The change will also see cookies set “from the time users arrive” on the agency’s site.

The Directive was designed to enhance citizens’ privacy by, among other things, letting them know that web publishers record information about them and their use of web sites with cookies. Once so informed, consumers were held to be in a position to understand the deadly threat posed to their wellbeing and liberty by any form of data collection. The Directive was signed into law in 2011, but the UK held off implementing it until May 2012, when the ICO waved a big stick and pointed it at fine print indicating colossal fines for non-compliance.

In response to the Directive, many publishers posted a page like our own cookies page or popped up a quick dialog box to lead users to similar pages or secure their consent for the use of cookies.

Overall, however, compliance levels were low and examples of enforcement activity hard to find.

Eight months down the track, the ICO feels all that activity has worked and the general public are now so well-informed about cookies that it can take things down a notch.

Here’s the Office’s reasoning on the matter:

“We first introduced a notice about cookies in May 2011, and at that time we chose to ask for explicit consent for cookies. We felt this was appropriate at the time, considering that many people didn’t know much about cookies and what they were used for. We also considered that asking for explicit consent would help raise awareness about cookies, both for users and website owners. Since then, many more people are aware of cookies – both because of what we’ve been doing, and other websites taking their own steps to comply. We now consider it’s appropriate for us to rely on a responsible implementation of implied consent, as indeed have many other websites.”

Cookie notifications aren’t disappearing from the agency’s site, as a new banner will continue to inform visitors about cookie use on a new cookie page. The ICO is “also taking advantage of a feature which limits the geographical information collected by our analytics cookies.”

And why does the ICO need cookies at all? The agency says “We are making this change so that we can get reliable information to make our website better.” ®

Boost IT visibility and business value

More from The Register

next story
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Uber, Lyft and cutting corners: The true face of the Sharing Economy
Casual labour and tired ideas = not really web-tastic
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
prev story

Whitepapers

Gartner critical capabilities for enterprise endpoint backup
Learn why inSync received the highest overall rating from Druva and is the top choice for the mobile workforce.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.