Categories
| All Categories |
| China |
| European Union |
| France |
| Peru |
| South Africa |
| U.K. |
| Multinational |
Subscribe
Mail
RSS
U.K.
United Kingdom: New Rule for the Use of Cookies
Francoise Gilbert
On May 9, 2011, the United Kingdom’s Information Commissioner’s Office (ICO) published an “advice” explaining the new rule for the use of cookie technologies for websites that are subject to the UK laws. This rule results from the implementation of the 2009 Amendment to the 2002 EU ePrivacy Directive into the UK laws. It will amend Regulation 6 of the Privacy and Electronic Communication Regulations 2003 (PECR).
There are two basic requirements. Businesses and other entities are permitted to use cookie technologies only if the user of the site or application:
- has received clear and comprehensive information about the purpose for the cookie in question; and
- has given his or her consent to the use of the cookie.
What this Means for Companies
Companies that do business in the United Kingdom or are otherwise subject to the UK’s Data Protection Act, must promptly start considering ways to respond to the new requirements that result from the amendment of the PECR Regulations.
In brief, the new rule requires that users provide informed, affirmative consent to the use of almost any cookies that a website would wish to install on their machine. The restriction applies both for the installation of the cookie and the subsequent access to the information stored on the cookie. Except for a small category of cookies that are necessary for the proper operation of a site, or for offering a shopping-cart type feature, all other cookies, including those that are used for analytics purposes require prior specific consent. Of course, flash cookies are also subject to the notice and consent requirement.