"Our bots are coming for your bots" – so said John Edwards, the UK Information Commissioner at the Information Commissioner's Office (ICO), during the IAPP Data Protection Intensive UK 2024 conference earlier this month.
Cookie compliance is one of the ICO's three active focus areas at the moment. The ICO has already contacted 53 of the UK's top 100 websites to tell them that their cookie consents and policies were not compliant and gave them 30 days to correct that. 38 have acted swifty and engaged with the ICO to change their banners and policies. Others are in conversation. Some have yet to respond, and the ICO have said to expect updates on enforcement action taken.
But the ICO is not stopping there – he plans to contact the next 100 websites, and so on. More than that, the ICO is building automated tool to check compliance automatically so soon this could be entirely routine compliance that happens automatically.
Now is the time to check that your organisation's cookie compliance (the banner, consent mechanism and policy) meets the requirements of the legislation.
As a double incentive, while fines for failure to comply are currently capped at £500,000, that is set to change under the Data Protection and Digital Information Bill (which is passing through the House of Lords) and will be replaced with fines up to four percent of an organisation's global annual turnover.
Read the original article on GowlingWLG.com
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
