The so called ‘cookie law’ will be enforced from 25th May, after the Information Commissioner gave UK businesses 12 months to get their websites operating in line with the new rules
The snappily-named Privacy and Electronic Communications Directive became law in England last May, but to the relief of most businesses, the Information Commissioner’s Office allowed a 12 month period of grace to allow website owners time to comply.
That period of grace expires on 25th May 2012 and businesses are being warned that there will be fierce penalties for non-compliance now that the new rules are in force.
Said commercial / digital law expert Brendan O’Brien from Breeze & Wyles Solicitors LLP : “Any business that has not yet taken action to comply must do so urgently. The 12-month period of grace means that the penalties for businesses that do not comply will be all the harsher. The Information Commissioner warned last year that ‘those who choose to do nothing will have their lack of action taken into account when we begin formal enforcement of the rules.’”
So what is a cookie?
It is a file that enables a website to store data relating to users. For example, a cookie will enable the website of an on-line store to record what is in your basket, or to know what scene you have reached if you are watching a television drama on-line.
Cookies do not act as viruses because they cannot perform functions, they can only read. However they can act as a sort of spy in your computer because they can record your browsing patterns and personal information without your knowledge. For this reason anti-virus and security software will normally flag them for deletion.
Who needs to act?
The owner of any website that operates within the EU must now ensure compliance with the rules. This includes any website that has a secure area where users log in, or one that has a shopping basket facility or runs advertisements from third parties.
Even if your website does none of these things it might be using cookies if it has software such as Google Analytics that collects statistical information about the use of the website or the number of viewings of particular pages on the site.
Brendan added: “Many smaller businesses have assumed it won’t apply to them if they don’t trade online or have complex websites, but most of them will be running site analytics.
Web site content note:
This is not legal advice; it is intended to provide information of general interest about current legal issues.