The revised Privacy and Electronic Communication Regulations, which come into force at midnight tonight, stipulate that businesses running websites in the UK require consent from visitors in order to store cookies on their computers.
Speaking today at the Incorporated Society of British Advertisers’ briefing on cookies, privacy and consumers, Christopher Graham, the information commissioner, said the new EU rules on cookies are "challenging".
"It would obviously ruin some users’ browsing experience if they needed to negotiate endless pop ups, and I am not saying that businesses have to go down that road.
"Equally, I have to remember that this law has been brought in to give consumers more choice about what companies know about them."
He said he was taking the "common sense approach" that takes both these views into account and it will not be taking enforcement action against business and organizations until technical solutions are developed at browser level to meet the requirements on using cookies.
He added that although the Government is not expecting the ICO to enforce the rule on cookies straight away, "this does not let everyone off the hook" and those which do not take action will be taken into account when it enforces the law.
The ICO, which has been tasked with policing the new rules for websites, has issued guidance on how it will enforce the rules, information for consumers on what the new rules will mean for them and how to complain on its website.
Although it will not be taking enforcement action against business until technical solutions are developed at browser level to meet the requirements on using cookies, in a year’ time, it is willing to use the ability to impose civil monetary penalties of up to £500,000 for "serious breach" of the privacy and electronic communications regulation.
Service providers will also be required to provide the ICO with any information needed to investigate a breach and failure to do so will see them fined £1,000.
Ed Vaizey, communications minister, said: "It will take time for workable technical solutions to be developed, evaluated and rolled out, so we have decided that a ‘phased in’ approach is right.
"We have been working closely with the industry, the European Commission and the regulator, and consulted widely. We are confident that we are taking an approach which is sensible, pragmatic and light touch."
The ad industry has raised concerns that the ICO will push for stricter enforcement of gaining consent from users being served cookies, but .
.jpg)
.jpg)