Half Of UK Organisations Ignore The Cookie Law

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Follow on: Google +

A year after it was introduced, the EU Directive on Privacy and Electronic Communications still doesn’t bother Britain

It has been 12 months after the controversial ‘Cookie Law’ came into force across the European Union, but half of UK organisations are still ignoring it.

According to research by KPMG, 49 percent of public and private sector companies comply with the EU Directive on Privacy and Electronic Communications. This means that, in theory, the majority are risking fines of up to £500,000.

Cuckoo law

The cookie Directive was designed to protect Internet users from intrusive tracking and marketing material, but has been widely criticised as confusing and inefficient. Last year, some companies went as far as to openly taunt ICO, the body tasked with enforcing this particular law. Even the government openly admitted it wouldn’t be fully compliant by the 26 May deadline.

Cookie MonsterToday, the Directive is ignored across the UK to the extent that some organisations which were compliant 12 months ago are now falling foul of the legal requirements.

Out of those which comply, just two percent ask for explicit consent of their customers or users. Another 43 percent use “implicit” consent – display pop-ups that inform users that by remaining on the website, they accept its Terms and Conditions, including those governing cookie collection.

A further 4 percent have become fully compliant by not setting cookies on their websites at all.

“A year ago we found 80 percent of websites to be non-compliant, and today that figure has dropped to little over half. Yet while this is a move in the right direction, what we have uncovered is a pretty patchy response to the law at best.

“The fact remains that cookies monitor users’ website activity which, if used without prior knowledge for marketing and other purposes, is a breach of privacy. By adopting this implicit approach, organisations are assuming individuals have previously consented to receiving cookies and this is hardly the spirit in which the legislation was introduced. We would therefore question whether the ‘Cookie Law’ has achieved what it set out to achieve and whether the threat of fines is enough to change organisations’ behaviour.”

Can you look after your personal data online? Take our quiz!

Read also :