The Office of the Data Protection Commissioner (ODPC) has written to 80 Irish websites requesting information on how they are complying with new “cookie” legislation introduced in July 2011.
The new legislation places an obligation on website operators to provide information to users about the types of cookies used on their websites and to seek consent for the use of such cookies (see our previous article here).
The website operators contacted have 21 days in which to outline the action they have taken in order to comply with the new rules. If they have not yet complied, they are asked to explain why they have not done so and to provide details and a timescale as to how they intend to achieve compliance. They must also explain how they make users aware of any third party analytics or advertising cookies used on their website.
The letter also makes clear that the ODPC may exercise its powers of enforcement in the event of non-compliance.
Deputy Commissioner Gary Davis expressed disappointment with the response of Irish websites in the 18 months since the new rules were introduced and stated that “levels of compliance would appear to be very low compared to the UK”.
The letter marks one of the first steps taken by the ODPC to ensure compliance by Irish websites with the new regime.