Businesses need to ensure they are ready for EU legislation requiring them to get consent if they want to track user behaviour.
So says the Information Commissioner's Office (ICO), which warned the roll out of the new law will be "a challenge."
The legislation will come into force on 25 May 2011 and will require UK firms to get consent if they want to place cookies onto users' computers.
"It will have positive benefits as it will give people more choice and control over what information businesses and other organisations can store on and access from consumers' own computers," said information commissioner Christopher Graham.
"Businesses and organisations running websites in the UK must wake up to the fact that this is happening."
Despite the warning, Graham said the ICO was clear the changes should not have a detrimental impact on consumers nor cause "an unnecessary burden on UK businesses."
He said one option could be to allow cookie consent to be given over browser settings.
Culture minister Ed Vaizey admitted the work would not be complete by the deadline.
"The Government is clear that it will take time for meaningful solutions to be developed, evaluated and rolled out," he said.
"We recognise this could cause uncertainty for businesses and consumers. Therefore we do not expect the ICO to take enforcement action in the short term against businesses and organisations as they work out how to address their use of cookies."
Over-regulation concerns
Although the Big Brother Watch said it looked forward to seeing how websites would adapt to the legislation, it has previously called for such moves to form part of voluntarily adopted industry standards, rather than be enforced by the EU.
"First and foremost we advocate industry standards and agreed upon best practices for technology companies using cookies," Dominique Lazanski, senior fellow for technology policy at the Big Brother Watch, told IT PRO.
"If the industry sets standards then the industry can innovate around those standards."
Lazanski also warned about the enforcement of any opt-out' law, largely because this would bring additional legislation that would only hamper tech industry innovation.
"Both Microsoft and Firefox are already developing opt-out buttons into their web browsers as part of their new product development," Lazanski added.
"By forcing an 'opt-out' in the EU, internet companies will have to spend more money on complying with EU regulation and less money on innovation in privacy."
Google has already announced a feature for its Chrome browser letting users opt-out of ad tracking cookies.
-
Data center water consumption is out of control, but cloud providers want EU lawmakers to go easy on themNews The European Commission says water shortages are being exacerbated by leaks and pollution, but also points to high usage from data center operators.
-
British IT worker jailed for revenge attack on employer that caused a “ripple effect of disruption” for colleagues and customersNews West Yorkshire man Mohammed Umar Taj was suspended from his job in Huddersfield in July 2022, and began taking revenge within hours.
-
‘A huge national security risk’: Thousands of government laptops, tablets, and phones are missing and nowhere to be foundNews A freedom of information disclosure shows more than 2,000 government-issued phones, tablets, and laptops have been lost or stolen, prompting huge cybersecurity concerns.
-
23andMe 'failed to take basic steps' to safeguard customer dataNews The ICO has strong criticism for the way the genetic testing company responded to a 2023 breach.
-
European Commission calls for cyber security proposalsNews With a special focus on healthcare, the Commission is looking to allocate €145.5 million
-
Cyber attacks have rocked UK retailers – here's how you can stay safeNews Following recent attacks on retailers, the NCSC urges other firms to make sure they don't fall victim too
-
ICO admits it's too slow dealing with complaints – so it's eying up automation to cut staff workloadsNews The UK's data protection authority has apologized for being slow to respond to data protection complaints, saying it's been overwhelmed by increased workloads.
-
The UK cybersecurity sector is worth over £13 billion, but experts say there’s huge untapped potential if it can overcome these hurdlesAnalysis A new report released by the DSIT revealed the UK’s cybersecurity sector generated £13.2 billion over the last year
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
