Raworths LLP
Cookie Law Cookie Law

Legal Articles

Mar 15

Cookie Law

The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 require consent to be obtained for the use of cookies and similar technologies for storing information, and accessing information stored, on a user’s equipment, such as their computer or mobile phone. The Regulations came into force on 25 May 2011. However, the Information Commissioner’s Office (ICO) announced that organisations would be allowed a year-long period to work towards compliance with the changes. That grace period has now expired.

Previously, privacy rules only required websites to tell users about cookies they used and provide information on how to ‘opt out’. Most organisations did this by putting information in their privacy policy. The new rules require that in most cases websites wanting to use cookies must gain consent, which must involve some form of communication whereby the individual knowingly indicates their acceptance. The ICO made last-minute changes to its guidance on how to comply with the new cookie law in order to clarify the following points with regard to implied consent:

  • Implied consent is a valid form of consent and can be used in the context of compliance with the revised rules on cookies;
  • If you are relying on implied consent you need to be satisfied that your users understand that their actions will result in cookies being set. Without this understanding you do not have their informed consent;
  • You should not rely on the fact that users might have read a privacy policy that is perhaps hard to find or difficult to understand; and
  • In some circumstances, for example where you are collecting sensitive personal data such as information about an identifiable individual’s health, data protection law might require you to obtain explicit consent.

The Information Commissioners Office has comprehensive guidance to the various regulations.

Source: Commercial

  • « Older Entries
  • Newer Entries »

‹  Return to News / Articles

Other Articles

Mar 18

GDPR Guidance

If you have not yet taken steps to ensure your business complies with the General Data Protection Regulation (GDPR), the time to start is now: less than two months remain...

MORE

Mar 18

The GDPR and Your Firm's Pension Scheme

The press is awash with comment about the General Data Protection Regulation (GDPR), which will be fully enforced from 25 May 2018. It would be difficult for any organisation not...

MORE