Monday 4 June 2012

EU cookie law 'not consistent'

Implementation of the law relating to the use of cookies within the European Union has not been consistent, due partially to changing advice from the Information Commissioner's Office (ICO).

This is according to technology editor at the Guardian Charles Arthur, who noted not all websites have successfully adapted to the law, which came into force on May 26 after the end of a year-long grace period designed to allow firms to change their websites.

"Some sites have implemented it, some sites have not. Some sites have been sort of implementing it," he says, explaining the aim of the EU change is to ensure cookies do not track a user's information without explicit consent.

The ICO updated its guidance on the issue on May 25 to state that implied consent can be assumed in some instances - a change from its previous advice from December 2011.

Arthur said there is a need for an 'anomalised version of cookies which don't collect personal information', adding the setting to not allow third-party cookies that is featured in many browsers is a 'pretty good compromise'.

In the article he quotes Stephen Groom, head of marketing and privacy law at the law firm Osborne Clarke "This is a striking shift. Previously the ICO said that implied consent would be unlikely to work. Now it says that implied consent is a valid form of consent.

"Just six months ago the ICO said general awareness of the functions and use of cookies was simply not high enough for websites to look to rely entirely in the first instance on implied consent.

"Now it tells us that 'implied consent has always been a reasonable proposition in the context of data protection law' and that it remains so in the context of storage of information or access to information using cookies and similar devices."

AT CCS we like the fact that "implied consent" shifts responsibility to the user rather than the website operator, and we know many of our clients will welcome the fact that their websites will comply with the new EU directives which came into law a year ago.

However, we also believe the cookie law is a bad one. Why? Because cookies have come to be a crucial part of e-commerce - on which many of our clients depend - and trading online without using cookies for analytics or various marketing is a bit like asking a bricks and mortar retailer not to have a shop on the high street.

What do you think?

No comments:

Post a Comment