Now you may be getting bored by this point about people harping on about the changes to the law on cookies and it seems like even the public are starting to notice that something’s going on (see this list of the top 10 ‘What is…? searches on Google this year), but we have had some updated guidance from the Information Commissioner’s Office this week. It rather (un)helpfully points out that the new requirements ‘cannot be ignored’….
From a brief read, the guidance doesn’t seem to add much to what we already know, for example, I think people were already pretty clear that ‘first and third party advertising cookies’ were unlikely to fall within the ‘strictly necessary’ exemption from obtaining consent.
Something that particularly annoys me in Christopher Graham’s ‘half term report’ (which accompanies the guidance) is his comment that some organisations have found solutions ‘that really work’, but he cannot tell us what these specific products or services are. Its like dangling a carrot on a stick. Surely, if there are some good examples of compliance it would be a good idea to share them?
On the other hand, given the amount of organisations failing to take significant steps towards compliance yet, it seems that the risk of enforcement action being taken against you come May 2012 could be quite low - as long as you look like you are ‘trying to get there’. Then again who really knows what's likely to happen in May?
I'm sure we haven't seen the end of this yet....