Morgan Russell Solicitors

Grace period for 'Cookies' ended on 25 May 2012 (extract from the June 2012 edition of Commercial Law News)

Published 25 June 2012

Last year the EU’s amended Privacy and Electronic Communications Directive came into effect in UK law in the form of the Privacy and Electronic Communications (EC Directive) Amendment Regulations 2011. This was intended to protect the privacy of internet users by implementing rules on how electronic communications networks store information or gain access to information stored on the hardware of subscribers/users in the form of “cookies”. The Information Commissioner’s Office (ICO) gave businesses one year to find workable technical solutions and make the changes. This period ended on 25th May 2012.

The key rules:

  1. You must inform users/subscribers to your website that you are using cookies and explain clearly and comprehensively what their purpose is; and
  2. You must obtain the user’s/subscriber’s informed consent to store such cookies on their device – either before the cookie is set or as soon as possible after they have accessed the website.

There are limited exemptions available to these rules. Examples are connected with goods in the checkout basket for online purchasing or secure online banking.

Non-compliance may result in enforcement notices and/or fines up to a maximum £500,000.

What should you do?

  1. Cookie audit: find out what and how cookies or similar technologies are used in your website. Also consider how intrusive they are.
  2. Decide how best to obtain consent for using cookies for your website – how will it best fit in with your website. Consent is only required once, unless the cookies change.
  3. Speak to your web designer about implementing the change and how they can include it – what about pop-ups, message bars, etc?
  4. Make sure there is a prominent notice explaining about the use of cookies on your website.
  5. Consider updating your website privacy policy and website terms of use. You may need to include further information regarding cookies, how you would change the policy and how users can withdraw their consent.

For further information on compliance and implementation see the ICO website: www.ico.gov.uk

Further Information

If you have any questions regarding the above or require any assistance, please do not hesitate to contact Debbie Turner, Katya Cleere or Tim Nathan +44 (0)1372-461411.

Filed under Company Commercial, Business and Compliance Issues
The data contained within this document is for general information only. No responsibility can be accepted for inaccuracies. Readers are also advised that the law and practice may change from time to time. This document is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from any action as a result of the contents of this document.
clever girl