With effect from 25th May this year, all UK website owners must comply. That means you have to explicitly get your website users’ permission to use non-essential cookies to track their data.
If you’re unsure what a cookie is, basically, it’s a piece of information that your computer’s hard disk stores so that the website you’re on can remember who you are.
If you’re website uses Google Analytics to track visitors then it’s essential you take steps to comply with the directive. The ICO (Information Commissioner’s Office) had originally announced that failure to comply would result in a fine of £500,000. However, the ICO has now assured website owners it won’t be issuing any fines.
According to a recent article in PC Pro, ‘sites will generally only be investigated by the ICO after users report them via a yet-to-launch tool on the watchdog’s site. Only the most intrusive cookies will lead to the ICO using its “enforcement powers”, Smith said, which includes fines up to $500,000 or notices requiring companies to take action to fix data protection flaws.’
Smith went on to say that fines were unlikely for cookies, as they wouldn’t meet the requirements for being “substantially distressing” to individuals. “We do not rule that out but it’s most unlikely that breaches of cookie requirements meet the requirement for monetary penalty,” he said. “In the area of cookies, it’s quite hard to satisfy the test for a fine.”