With less than 24 hours until the grace period ends for websites to comply with the EU Privacy and Electronic Communications regulations, the ICO held a press briefing to communicate updates to the guidance they provided in December 2011.
Companies across Britain are working hard to achieve compliance but even the Government admitted last week that the majority of their websites would not be compliant before the grace period ends.
What are the key changes?
There are two key changes to the guidance to note:
- The ICO suggests that they will not immediately seek to penalise companies who do not comply with the new requirements for cookies and other similar technologies when the grace period expires on the 26th of May. The context of a website’s usage of cookies will also determine the ICO’s approach to when it will take enforcement action: the greater the risk to privacy, the more likely they are to give an enforcement notice. This means firms that have ‘at least’ begun a cookie audit will not immediately face an enforcement action. David Evans says himself:
“Where we have seen people with sensible timescales [for implementation of a solution to obtain consent] we are perfectly happy to work along with those.”
*Huge sigh of relief from the Government*
So what do I need to do before tomorrow?
Well there has been no real change as to the actions that companies need to take. So you will still need to take the following four steps:
- Complete a cookie audit
- Assess the invasiveness of your cookies
- Decide on your strategy for compliance
Don’t have time for a cookie audit?
We’re offering a range of services to help you ensure that your website complies with the new directive:
- Cookie Audits
- Audits start from £150.00 excluding VAT
- Mentoring for people conducting audits from £60.00 per hour excluding VAT
- Determine the Invasiveness of the cookies and the action to be taken:
You will receive a one-hour consultancy call during which we will review all of the cookies found on your website. Following this we will then produce the documentation required to show you are taking the steps required to comply with this legislation. We are offering this service at a price of £120.00 (excluding VAT).
- Remove Cookies and Functionality:
Once the cookie audit and assessment of invasiveness is complete we can supply you with a fixed price quote for the removal (or modification) of any functionality that places cookies on a user’s computer.
- Legals and T&C Templates:
We will provide a template for you legals and update your copy and add a clear link to your cookieusage policy. We are offering this service for £175.00 (excluding VAT).
Please note if we undertake this task are not providing professional legal advice and are supplying templates.
To ensure that you are compliant with this legislation contact us on 0131 556 6818 to discuss your chosen strategy.