The Information Commissioner's Office (ICO) has threatened businesses with formal enforcement action if they fail to meet a deadline to take steps to comply with the so-called "cookie law".
However, in a recent blog, the ICO made it clear that businesses should now be aware of the law and that the education programme would increasingly be balanced by enforcement measures. Under the regulations, the ICO has the power to issue a fine of up to £500,000 to businesses which fail to comply with the regulations, although it appears more likely that the ICO will issue enforcement notices than fines.
Internet users can report concerns about specific websites by use of the ICO's "online cookie concern reporting tool." The ICO have had more than 380 such notifications to date and will issue a progress report of its response to those concerns in November.
Given this shift from education to an enforcement focus, businesses that have not already done so would be well advised to review their cookie use and ensure that appropriate information and consent mechanisms are included on their websites.