New Opt-Out Rules on Cookies - Grace Period Ends
Cookies are small text files implanted by a website on the hard disks of visitors to the site (often without visitors being aware of this). They are used to collect information on the visitors to a website. Whilst it may not be possible to identify a living individual solely from the information transmitted by a cookie, it may be possible to do so by reference to that information in combination with other information held by the recipient or by a third party. Until now, it has been enough to warn visitors to a website that it used cookies and to give them a right to "opt-out" if they objected. Many sites did this by including the relevant information in their privacy policies.
Under the new rules, visitors to a website must positively opt-in to receiving cookies. There is only one exception to this rule. A visitor's consent will not be required for an activity that is "strictly necessary" for a service requested by the visitor. An example might be needed for a cookie used to ensure that when a visitor has selected goods they want to buy and clicks the "add to basket" or "proceed to checkout" button, the site "remembers" what was selected on a previous page.
The new rules give the Information Commissioner enhanced enforcement powers, including the power to impose serve a monetary penalty of up to £500,000 on businesses that seriously breach the rules if:
. the contravention was of a kind likely to cause substantial damage or substantial distress, and
. (in broad terms) the contravention was deliberate or the business knew or ought to have known that there was a risk that a contravention would occur and failed to take reasonable steps to prevent it.
It seems that the new rules may pose something of a challenge to businesses. It remains to be seen how that challenge will be met. At the moment, there seems to be few signs that businesses are getting to grips with the requirements of the new Regulations. Any business that decides to bury its head in the sand needs to appreciate that by doing so, it is running the risk of having to pay a fairly hefty fine.
To find out more, please contact Nick Crook or Tina Middleton.
Filed: 20/05/2012 18:30:36