top of page

IS YOUR WEBSITE COOKIE COMPLIANT? WATCH OUT AS ICO COMES AFTER YOU!

Now would be a great time to check whether your cookie banners comply with GDPR and additional specific regulations and rules such as PECR (UK Privacy and Electronic Communications Regulations), TTDSG (German Telecommunications and Telemedia Data Protection Act) etc.

Just last June, the ICO warned companies that fail to include a “reject all” button in their website cookie banners they are “breaking the law” and risking regulatory enforcement.

Following this, on November 21, 2023, the ICO published a statement confirming that it had issued written warnings to some of the UK’s top websites, telling them to improve their cookie practices and to amend their practices within 30 days of the notices.


A standard copy of the letter sent was then published and confirmed that the ICO had assessed those cookie banners and had concerns around issues such as: 

  • Non-essential advertising cookies were placed without obtaining consent from users: This is the case where the website has no cookie banner at all so consent was given by users. 

  • Non-essential advertising cookies were placed before the user had the opportunity to provide consent: These websites have cookie banners, but place cookies without first obtaining consent from users as consent, recieved after placing the cookies, is invalid.

  • Users cannot reject non-essential advertising cookies as easily as they can accept them: These websites inform users of the cookies and ask for their consent. However, the cookie banners do not allow immediate rejection of cookies while they allow immediate consent. The consent provided through an “Accept All” button cannot be deemed to be freely given, specific or informed when there is no “Reject all” button. 

  • Non-essential advertising cookies were placed despite the user opting to reject them: Although these websites have a consent mechanism in place, they failed to respect users’ choices and placed cookies despite users clicking the “Reject all” button.

The ICO has said it will provide an update, including publishing the names of the companies that fail to take appropriate steps to address these concerns.

On January 31, 2024 the ICO published an update stating they had an overwhelmingly positive response to the call to action. Of the 53 organizations contacted, 38 organizations have changed their cookies banners to be compliant, four have committed to reach compliance within the next month and Several others are working to develop alternative solutions.

They have warned and marked they are developing an AI solution to help identify websites using non-compliant cookie banners – “We will not stop with the top 100 websites. We are already preparing to write to the next 100 – and the 100 after that.”

Our advice to our customers and other organizations out there - take action now to make you cookie banner compliant. We can totally help you with that!

43 צפיות

פוסטים אחרונים

הצג הכול

Amendment 14 Legislation Update

As the legislative process for Amendment 13 progresses, the obligation to appoint a Data Protection Officer (DPO) will become mandatory...

Comments


bottom of page