Time For A UK Cookie Audit

June 05, 2012
The law, adopted in May 2011 to implement a European directive, was accommodated by the announcement of a 12-month moratorium on enforcement. Simultaneously with the expiry of the moratorium, the data protection regulator, the Information Commissioner’s Office (ICO), has issued revised guidance and has invited Web users to inform it of websites that are not yet compliant.

Since May 2011, website operators throughout Europe have been required to obtain consent in relation to most cookies placed on a user’s PC (or mobile device) by websites. In recognition of the challenges in moving to a consent regime, the ICO announced the moratorium. (Other countries were simply late in implementing the law change; some have not yet done so.) As this grace period has now come to an end, the commissioner will be able to look at the impact of any breaches of privacy and other rights of website users in determining whether to take enforcement action. The ICO has announced that it has already written to a number of large organizations.

Subscribe to Dechert Updates