Opinion
The Cookie Monster
Simon Clayton, chief ideas officer at Reftech,
issues a stark warning about failing to follow
ICO regulations on the use of cookies
P
retty much every website in the
world uses cookies, and a few months
ago the Information Commissioner’s
Office (ICO) published new guidance
on their use, meaning that the majority
of websites are now in violation of these
rules. But have you seen any difference
in the way that the websites you visit
work? Have you actually changed your
own website as a result? I can safely
predict that the vast majority of you
haven’t, because a lot of major websites
haven’t either. This is partly because
a lot of people aren’t aware of the new
guidance.
So, do you need to bother? Whilst we
haven’t yet seen any fines for non-
32 — February
compliance, it’s worth knowing that the
ICO, and their European equivalents,
have been busy of late. They have grown
bigger teeth and have been working very
proactively, rather than just reacting to
reported data breaches. The German
internet provider 1&1 was fined £8m for
poor customer security ID checks, and
in October the same regulator punished
a German property company with a
bigger €14.5m fine for holding on to
people’s personal data for longer than
was necessary. Here in the UK, between
July and September 2019, the ICO
issued fines to 340 companies for failing
to pay the mandatory data protection
fee that all organisations that process
personal information are required to
pay.
What am I doing wrong?
With this new vigour in mind, let’s
explore why most websites are in
violation of the ICO’s latest guidance,
and what you need to do about it.
To explain: a cookie is a small piece
of data that a website will place on
your device to either make the website
work (known as essential cookies)
or to enable the website to feedback
information about the visitor’s usage
(non-essential cookies). Most of us are
aware of the ‘this website uses cookies’