The Information Commissioner’s Office has announced that it will give UK websites twelve months before it will enforce the new EU cookie law.
That should mean that UK sites now have to obtain consent to store cookies on a user’s PC, but no action will be taken against those not complying with the regulation for a year. As the Information Commissioner puts it, this period of inaction has been granted to let sites “get their house in order”.
Cookies are tiny files which track browsing habits or user preferences and have previously been used by default with no permissions needed.
The change has been delayed because as the government has noted previously, the technical solutions – such as the major web browsers developing a simple system to give ongoing cookie permissions – aren’t there yet.
Information Commissioner Christopher Graham said: “It would obviously ruin some users’ browsing experience if they needed to negotiate endless pop ups – and I am not saying that businesses have to go down that road.”
“Equally, I have to remember that this law has been brought in to give consumers more choice about what companies know about them. That’s why I’m taking a common sense approach that takes both views into account.”
The end result is the informal one year transitional period where the ICO won’t enforce the regulations, while these technical solutions are sorted out.
The Information Commissioner warns: “This does not let everyone off the hook. Those who choose to do nothing will have their lack of action taken into account when we begin formal enforcement of the rules.”
Apparently only two countries in the EU are implementing the new cookie laws with immediate effect today.
What the end result of this staggered implementation will be remains to be seen. Previously the government has been in favour of an “opt-out of tracking” icon on websites, which would mean by default visitors would still be tracked.