The UK's privacy and data protection watchdog has offered businesses guidance on how to comply with an EU law on use of cookies technology.
The law will come into force on 26 May thanks to an amendment to the EU's Privacy and Electronic Communications Directive, requiring companies to get permission from users before tracking activities with cookies.
The Information Commissioner's Office (ICO) has issued a nine-page document, detailing the changes with brief pieces of advice on what businesses should do to comply with the law.
"The implementation of this new legislation is challenging and involves significant technological considerations," said information commissioner Christopher Graham.
"We're responsible for regulating the new law and will undoubtedly start to receive complaints about companies who are using cookies without consent."
Graham admitted the guidance "doesn't yet provide all of the answers" as it was a work in progress.
Prior to the changes, companies only had to tell users how to use cookies and how they could opt out if they wanted to.
The Government has planned a phased approach to the implementation of the new law.
"In light of this, if the ICO were to receive a complaint about a website, we would expect an organisation's response to set out how they have considered the points above and that they have a realistic plan to achieve compliance," the document read.
"We would handle this sort of response very differently to one from an organisation which decides to avoid making any change to current practice. The key point is that you cannot ignore these rules."
As for how the ICO will enforce the regulations, it said it would release a separate document outlining possible punitive measures against those who do not comply.
Robert Bond, partner at law firm Speechly Bircham and chairman of the ICC UK EBITT Experts Group, said the implementation of the law could have a negative effect on the UK economy.
"While it is laudable that the EU is attempting to increase internet users' privacy, the haphazard way in which the Directive is still being interpreted across Europe coupled with the generic nature of these guidelines means that these changes although certainly necessary in the short term will do some damage to UK Plc's balance sheet to start off with," Bond said.
"The Government is clearly reaffirming their position that businesses must self-regulate and self-audit."
Bond said there were plenty of headaches for businesses to contend with in complying with the new law.
"Businesses who wish to protect their reputation will face a number of costly challenges ranging from extensive internal audits to determine what operational mechanisms they need to put in place, to third party expenses such as legal and IT input on how to become fully compliant," he added.
"There is also a myriad of related complications such as the hosting of third party applications on websites and the lack of consistency across European jurisdictions."
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
‘Europe could do it, but it's chosen not to do it’: Eric Schmidt thinks EU regulation will stifle AI innovation – but Britain has a huge opportunityNews Former Google CEO Eric Schmidt believes EU AI regulation is hampering innovation in the region and placing enterprises at a disadvantage.
-
The EU just shelved its AI liability directiveNews The European Commission has scrapped plans to introduce the AI Liability Directive aimed at protecting consumers from harmful AI systems.
-
A big enforcement deadline for the EU AI Act just passed – here's what you need to know
News The first set of compliance deadlines for the EU AI Act passed on the 2nd of February, and enterprises are urged to ramp up preparations for future deadlines.
-
EU agrees amendments to Cyber Solidarity Act in bid to create ‘cyber shield’ for member statesNews The EU’s Cyber Solidarity Act will provide new mechanisms for authorities to bolster union-wide security practices
-
The EU's 'long-arm' regulatory approach could create frosty US environment for European tech firmsAnalysis US tech firms are throwing their toys out of the pram over the EU’s Digital Markets Act, but will this come back to bite European companies?
-
EU AI Act risks collapse if consensus not reached, experts warn
Analysis Industry stakeholders have warned the EU AI Act could stifle innovation ahead of a crunch decision
-
Three quarters of UK firms unprepared for NIS2 regulations, study findsNews Senior management can be held personally liable for non-compliance under NIS2 rules
-
US-UK data bridge: Everything you need to knowNews The US-UK data bridge will ease the complexity of transatlantic data transfers
