01 Jul 2011
A freedom of information request has revealed that the Information Commissioner's Office (ICO) has seen a 90 per cent drop in recorded traffic on its web site after an opt-in cookie policy was implemented.
The ICO is one of the first web sites in the UK to introduce such a policy after an EU directive was passed down to member states on 26 May, which stipulates that web sites need consent from visitors if cookies are stored on users' computers.
Cookies are largely used by companies to highlight to advertisers where their audience is based, and UK businesses with an online presence have until May 2012 to implement similar opt-in features.
The ICO has the following message displayed at the top of its web site, next to a tick box where visitors can consent to cookies being used:
"The ICO would like to use cookies to store information on your computer, to improve our website. One of the cookies we use is essential for parts of the site to operate and has already been set. You may delete and block all cookies from this site, but parts of the site will not work. To find out more about the cookies we use and how to delete them, see our privacy notice."
Businesses that do not comply with the change in legislation after the 12-month window could face a fine of up to £500,000, and Information Commissioner Christopher Graham described the EU-wide rule as "challenging".
Malcolm Duckett, CEO of digital marketing company Magiq, argued that the change in law could have a wider impact on EU businesses.
"The recent statistics from the ICO are staggering, and shows just what can happen if you get it wrong. The implications of not complying are huge, but it is worrying to see such a dramatic fall-off in visitors," said Duckett.
"The ICO has now experienced first-hand what many European businesses will no doubt be concerned about, and e-commerce sites in particular will be faced with a rough ride if this happens to them," he added.
"At a time when the high street is suffering, it has never been more important for e-commerce sites to be seen as trusted and reliable by customers, and this is a disquieting red flag to all web sites that will need to ensure compliance."
As I'm certain has been pointed out to you, there is the 'stricly necessary' caveat from Regulation 6 (4)(b) of PECR.
I believe the ICO are informing us that they have exercised their right to place the cookie without consent on the basis that it is strictly necessary for a service requested bu the user.
Could be wrong!
PS I predict much legal 'horse trading' as we collectively come to a consensus on what constitutes 'strictly necessary'. I agree that .aspx session id could be but not Google Analytics
Posted by: Duncan 31 Oct 2011
(The) EU directive ... stipulates that web sites need consent from visitors if cookies are stored on users' computers.
and
"One of the cookies we use is essential for parts of the site to operate and has already been set."
Is it just me, or does the second statement appear to be a clear breach of the first? Am I missing something?
Posted by: lw 05 Aug 2011
Have your say on this article
Newsletters
Latest stories from Internet
Latest videos
You may also like
Internet jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
