This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

ICO disputes Freedom of Information Act findings on cookie reporting

Share this article:

The Information Commissioner's Office (ICO) has dismissed claims that it is unprepared when it comes to investigating cookie compliance failures.

As detailed by SC Magazine, a Freedom of Information (FoI) request submitted by PC Pro found that 320 websites have been reported to the ICO through its online submission tool, but none of those sites have been investigated.

The ICO claimed that this was due to it not having a team in place to investigate, despite the laws being announced in May 2011 and enforced a year later.

However in a statement sent to SC Magazine, the ICO claimed that the suggestions were "dramatically wide of the mark".

It said: “The reality is that the ICO has been working to ensure compliance with the cookie law since it was introduced, with enforcement work complementing an education programme and significant liaison with the industry.”

The ICO said that after the 12-month grace period it gave companies to comply with the law ended in May 2012, its enforcement team wrote to 75 of the most visited websites, asking what steps they had taken to achieve compliance and its recently-established intelligence hub is monitoring the 75 websites contacted.

“So far 45 have been analysed, of which 27 have clearly taken action to increase the visibility of the information about cookies. Only three sites make no specific mention of cookies on their home page, and these, along with the six sites that failed to respond to our letter, will be set a deadline to take steps towards compliance, with formal enforcement action likely for the organisations that fail to meet this deadline,” it said.

The ICO also said that it has reviewed the 331 responses collected from its online cookie concern reporting tool, and its next step is to write to all of the websites highlighted.

It said: “It should be noted that a significant number of the responses do not provide any intelligence that can be analysed, while a proportion also highlight websites that rely on implied consent, which is in line with the EU law.

“A progress update, including a list of all the websites contacted, will be published on our website in November, six months after the cookie concern reporting tool was established.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Samsung Galaxy S5 fingerprint scanner 'easily hacked'

Samsung Galaxy S5 fingerprint scanner 'easily hacked'

Single step authentication on Galaxy leaves PayPal accounts open to abuse say German researchers.

MSWin 8.1 users must update or lose security patches

MSWin 8.1 users must update or lose security ...

Organisations run the risk of being left defenceless against attackers unless they upgrade from MS Win 8.1

Communication gap indentified between IT and management

Communication gap indentified between IT and management

Bad news is filtered out of communicaiton to the C-suite and 63 percent of IT staff only start talking after a breach has taken place.