Online Data & Privacy Ico

ICO change on cookie law takes the biscuit


By Dan Grech, Marketing Consultant

January 30, 2013 | 2 min read

In May 2011, the Information Commissioners Office first announced that websites must explicitly seek consent for cookies (cookies are text files that record your activity online).

The EU laws came into action in the UK when the Privacy and Electronic Communications Regulations (PECR) was amended. The ICO opted to place a year's hiatus on its enforcement (a fine of up to £500,000) to give organisations time to implement a technical solution that complied with the legal framework.

Today, it was announced that the UK's privacy watchdog will no longer require individuals' explicit consent in order to serve them with 'cookies' when they visit its website.

Out-law stated:

"The Information Commissioner's Office (ICO) has said that anyone who visits its website from "the end of January" will receive cookies. It said individuals will be given "clear, detailed information" about what cookies have been set and will also be given access to an "easy way to remove them" if they do not want them set on their machines or devices."

Naturally, some webmasters are outraged at the removal of this law after investing time and money into compliance tactics. I personally have never felt threatened by the use of my cookies, but perhaps that's more of a Gen Y attitude. As for this almost U-turn in compliance laws I'd like to see some compensation claims put to the ICO.

Did you add a pop-up or banner to your site requiring Internet users to opt-in to sharing their cookies? Or were you waiting for the deadline?

As expected, there's a Tumblr blog dedicated to EU Cookie Law UIs to comply.

Online Data & Privacy Ico

More from Online

View all


Industry insights

View all
Add your own content +