UK Cookie Compliance
May 26, 2012. Are you ready?
The EU Directive on cookies, which became UK law on the 26th May 2011, puts a new compliance requirement on website owners, including owners of sites delivered by third parties. The EU 'Cookie Law' is amended privacy legislation that requires websites to obtain informed consent from visitors before they can store or retrieve any information on a computer or any other web connected device. The Information Commissioner's Office (ICO) in the UK, which is responsible for enforcing the new law, has allowed all organisations one year from May 2011 to put cookie auditing, monitoring and visitor opt-in strategies in place.
Compliance is mandatory
There is no way around it, website owners are responsible for understanding how many cookies you have on all of your websites, determining the cookie types and disclosing to your visitors what information is collected and shared with third parties via cookies or other tracking tags. Although you may not have all of the answers today about how to handle your visitor opt-in strategy, monitor will help you take care of the essential first step of putting in place an ongoing cookie auditing and monitoring service.
You can be fined for not doing this
The Information Commissioners Office (ICO) is the body responsible for enforcing the UK law, and has been given powers to fine website owners up to £500,000 for serious breaches in the law. The sooner you take steps to perform your website cookie audit, the more understanding the ICO is likely to be if your website is reported for violating the law. Tagcert is the service you need to efficiently deal with regulators and prove that you are taking compliance with the law seriously.
You must perform an audit
The first step to compliance is establishing ongoing cookie audits of your websites. The most cost effective way to do this is to use a cookie auditing and monitoring service like Tagcert. The ICO in the UK and other EU governing bodies will begin to request proof of cookie audits and cookie audit histories. monitor will allow you to professionally demonstrate you are making best efforts to understand how your website is using cookies all year round.
EU Cookie Law
The EU 'Cookie Law' is amended privacy legislation that requires websites to obtain informed consent from visitors before they can store or retrieve any information on a computer or any other web connected device.
UK Cookie Law
The UK 'Cookie Law' places the exact same demands on UK websites as the EU 'Cookie Law'. The Information Commissioners Office (ICO) is the body responsible for enforcing the UK law.
May 26th, 2012
The UK government has updated the Privacy and Electronic Communications Regulations in response to the EU 'Cookie Law', and has given websites until May 26th 2012 to comply.
The first step is to take this legislation seriously and begin auditing your websites for first party cookies, third party cookies and any other tracking tags.
Understand cookie types
Not all cookies are the same. You need to have an understanding of every cookie used on your website and identify if it is "strictly necessary" or not.
Gain consent from visitors
Before May 26th, 2012
The Information Commissioners Office (ICO) in the UK will not be impose fines on UK websites that are not yet in compliance with the UK 'Cookie Law' prior to May 26th, 2012.
After May 26th, 2012
The Information Commissioners Office (ICO) in the UK has been given powers to fine website owners up to £500,000 for serious breaches in the law.
The Information Commissioners Office (ICO) in the UK will begin enforcing the UK 'Cookie Law' and it is up to you to make sure you are in compliance all year round.
Initial cookie audits
This is where you need to start. We can help you perform an initial cookie audit of your website and get you started on the road to compliance. How it works.
Ongoing cookie audits and monitoring
After you have your initial cookie audit, you are responsible for constantly monitoring your website for cookies and tracking tags. Tagcert does this for you year round.
Staying on side with regulators
We have an extensive network of privacy advocates, legal advisors and professional consultants who can help you interpret your regulatory exposure. Contact us.