EU cookie consent law largely ignored

The EU has give the UK until May 28th 2012 to comply with the cookie consent law - how many of the organisations pinpointed by the ICO have met the deadline?

Most UK organisations have ignored the EU directive on cookies

The EU Cook­ie Con­sent law has been mak­ing a lot of waves in the web indus­try since it was first announced. The UK was giv­en an extend­ed peri­od to imple­ment the law and this has been over­seen by the Infor­ma­tion Commissioner’s Office — ​“the UK’s inde­pen­dent author­i­ty set up to uphold infor­ma­tion rights in the pub­lic inter­est, pro­mot­ing open­ness by pub­lic bod­ies and data pri­va­cy for indi­vid­u­als” — know as the ICO.

The ICO pub­lished a list of organ­i­sa­tions that it has writ­ten to, spread across a wide spec­trum of oper­a­tions, and in many cas­es has been work­ing with to get feed­back on the approach to the cook­ie law issue. This result­ed in an 11th hour change to the law on the 24th May 2012 much to the out­rage of those com­pa­nies that have spent a lot of time and effort get­ting com­pli­ant in time.

I reviewed that list of organ­i­sa­tions expect­ing to see the major­i­ty of sites in com­pli­ance with the new law — espe­cial­ly since the ICO had high­light­ed these and had been in con­tact. These were my findings:

Of the 75 organ­i­sa­tions list­ed by the ICO 13 had imple­ment­ed a cook­ie con­sent func­tion, 60 had done noth­ing (and may not need to) and 2 I could not fath­om who the ICO had writ­ten to so could not find a web­site to test.

This is despite good advice and tips on Cook­ie Con­sent law imple­men­ta­tion being read­i­ly avail­able around the web. One UK agency, Silk­tide, have even cre­at­ed a Cook­ie Con­sent kit that takes 5 min­utes to update a site to make it com­pli­ant. For the big­ger com­pa­nies though this kind of change is a chal­lenge and the court costs and fines may well be less than the cost of implementation.

If you want to read more about the Cook­ie Con­sent law I sug­gest you start your jour­ney at the ICO and then move onto the No Cook­ie Law website.

To do this test I used the Ghostery Chrome plug-in to show the cook­ies but in some cas­es it did not detect any so on fur­ther inves­ti­ga­tion with the Web Devel­op­er plug in I was able to see the cook­ies set by the web­site. It’s not per­fect but its a good indi­ca­tion of the state of com­pli­ance with this law.

Note that simon​cox​.com is not on the ICO list and there­fore I have not been direct­ly con­sult­ed by the ICO and since none of the EU web­sites have both­ered to com­ply (seri­ous­ly!) I will wait to see what the best prac­tice is — or for a change in the law.