We have mentioned cookies in previous editions of the Newsletter, but to recap they are small text files that are stored on a user’s device when visiting a website. The cookie assists the website in recognising the user’s device and delivering a more tailored and user-friendly experience.
To help businesses the Information Commissioner’s Office (ICO) has published guidance relating to the Regulations recommending that businesses take the following actions immediately:
- review and list the cookies and similar technologies (such as flash cookies, browser cookies, etc) currently used on its website (including any third party cookies used) to assess which ones are strictly necessary to provide users with web-based services and those which are not;
- begin to create and implement appropriate and tailored solutions to gain users’ consent.
Under the Regulations the ICO also has the power to impose monetary penalties of up to £500,000 where serious breaches of the Regulations have been committed.
Although the Regulations are now in force, the ICO has stated that formal enforcement action is unlikely to be taken before May 2012. However, by that date businesses are expected to have reviewed their cookies practices and to have implemented a practical and effective strategy to obtain users’ consent.