The ICO gives guidelines on Cookies

The Information Commissioners Office (ICO) has finally decided where it stands when it comes to cookies and launched guidance on the controversial topic.

However, it’s not good news for companies who have so far hidden behind the “browser settings” excuse, with the rules now claiming that these will no longer help them comply with new anti-cookie laws.

The guidance has been released by the watchdog in a bid to help websites comply with a new EU directive that requires consent for non-essential cookies, ahead of a looming 26 May deadline. Previously the rule on using cookies for storing information was that companies had to tell people how you use cookies, and tell them how they could ‘opt out’ if they objected.

However, although Government bods in the past have put forward ideas to solve the problems through browser settings – such as do-not-follow lists in Firefox and IE9 – the ICO has said these are presently “not sophisticated enough” to allow companies “to assume that the user has given their consent” to allow websites to set a cookie.

It also pointed out flaws when people access sites via apps instead of browsers, and could not have the most recent versions with the latest cookie controls built in.

Now it’s decided that websites need to work harder to ensure they don’t risk falling foul of the impending laws. It’s suggesting that websites could look at pop-ups, despite them being a factor in “spoiling the experience” of using a website.

Another idea is ensuring the terms and conditions of a subscription based account to ensure the cookie policy is more prominent as well as adhered to, while another recommendation is having a note at the top of the site when cookies are in use.

The only time that websites can get away with keeping schtum about these cookies is when they have been requested by a user. This includes for logins or online checkouts.

Although the government won’t be putting its oar in and fining companies that don’t comply, websites won’t be getting off scott free.

“The government’s view is that there should be a phased approach to the implementation of these changes,” the ICO said in its guidelines.

“In light of this if the ICO were to receive a complaint about a website, we would expect an organisation’s response to set out how they have considered the points above and that they have a realistic plan to achieve compliance. We would handle this sort of response very differently to one from an organisation which decides to avoid making any change to current practice. The key point is that you cannot ignore these rules.”

The ICO will be issuing separate guidance on it intends to enforce these regulations. It will also be giving advice to consumers about what the new law will mean for them.