Feeds

UK cookies cop changes own policy to ‘implied consent’

Information Commissioner’s Office says deadly threat to privacy now well understood

3 Big data security analytics techniques

The UK Information Commissioner’s Office (ICO), the agency charged with implementing the EU’s ePrivacy Directive insisting web publishers tell their readers about how they use cookies, has changed its own cookie policy to one of implied consent rather than asking visitors to its website to formally opt in to receiving cookies. The change will also see cookies set “from the time users arrive” on the agency’s site.

The Directive was designed to enhance citizens’ privacy by, among other things, letting them know that web publishers record information about them and their use of web sites with cookies. Once so informed, consumers were held to be in a position to understand the deadly threat posed to their wellbeing and liberty by any form of data collection. The Directive was signed into law in 2011, but the UK held off implementing it until May 2012, when the ICO waved a big stick and pointed it at fine print indicating colossal fines for non-compliance.

In response to the Directive, many publishers posted a page like our own cookies page or popped up a quick dialog box to lead users to similar pages or secure their consent for the use of cookies.

Overall, however, compliance levels were low and examples of enforcement activity hard to find.

Eight months down the track, the ICO feels all that activity has worked and the general public are now so well-informed about cookies that it can take things down a notch.

Here’s the Office’s reasoning on the matter:

“We first introduced a notice about cookies in May 2011, and at that time we chose to ask for explicit consent for cookies. We felt this was appropriate at the time, considering that many people didn’t know much about cookies and what they were used for. We also considered that asking for explicit consent would help raise awareness about cookies, both for users and website owners. Since then, many more people are aware of cookies – both because of what we’ve been doing, and other websites taking their own steps to comply. We now consider it’s appropriate for us to rely on a responsible implementation of implied consent, as indeed have many other websites.”

Cookie notifications aren’t disappearing from the agency’s site, as a new banner will continue to inform visitors about cookie use on a new cookie page. The ICO is “also taking advantage of a feature which limits the geographical information collected by our analytics cookies.”

And why does the ICO need cookies at all? The agency says “We are making this change so that we can get reliable information to make our website better.” ®

High performance access to file storage

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.