Businesses that fail to comply with rules requiring them to make it as easy for their website visitors to reject non-essential cookies as to accept them should consider amending their websites to ensure compliance, as the Information Commissioner’s Office (ICO) may be taking a stricter approach to enforcement in future.
One remedy is to enable visitors to reject non-essential cookies – small data files stored on a visitor’s computer or other device by a website while they browse online. These can enable third parties to track what the visitor looks at and clicks on, usually so that online adverts, offers or other information can be tailored to the visitor’s apparent preferences as indicated by online behaviour. Rejecting non-essential cookies can be made easy by providing a ‘Reject all’ cookies button alongside the ‘Accept all’ cookies button visitors are usually presented with.
The ICO appears to be carrying out more ‘regulatory interventions’ to check whether websites are in breach – a simple matter to check, just by visiting a website – prior to requiring the website owner to remedy the situation within a reasonable time or pay a fine.
When considering how much work to do to ensure compliance, businesses should have in mind that the requirement to obtain consent to use cookies generally may be abolished at some stage in the future. Businesses may wish to do only the minimal necessary to comply with the current rules at this stage.
The rules saying that consent is not required if a cookie is essential remain the same.
Businesses should check their websites to ensure visitors can reject non-essential cookies as easily as they can accept them and, if not, amend them.
Members may find our technical factsheet on GDPR useful in relation to data protection issues. The guide contains useful links to the ICO guidance on privacy policies.
Brought to you in conjunction with Atom Content Marketing. Offering practical advice to help small businesses succeed.