This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

ICO disputes Freedom of Information Act findings on cookie reporting

Share this article:

The Information Commissioner's Office (ICO) has dismissed claims that it is unprepared when it comes to investigating cookie compliance failures.

As detailed by SC Magazine, a Freedom of Information (FoI) request submitted by PC Pro found that 320 websites have been reported to the ICO through its online submission tool, but none of those sites have been investigated.

The ICO claimed that this was due to it not having a team in place to investigate, despite the laws being announced in May 2011 and enforced a year later.

However in a statement sent to SC Magazine, the ICO claimed that the suggestions were "dramatically wide of the mark".

It said: “The reality is that the ICO has been working to ensure compliance with the cookie law since it was introduced, with enforcement work complementing an education programme and significant liaison with the industry.”

The ICO said that after the 12-month grace period it gave companies to comply with the law ended in May 2012, its enforcement team wrote to 75 of the most visited websites, asking what steps they had taken to achieve compliance and its recently-established intelligence hub is monitoring the 75 websites contacted.

“So far 45 have been analysed, of which 27 have clearly taken action to increase the visibility of the information about cookies. Only three sites make no specific mention of cookies on their home page, and these, along with the six sites that failed to respond to our letter, will be set a deadline to take steps towards compliance, with formal enforcement action likely for the organisations that fail to meet this deadline,” it said.

The ICO also said that it has reviewed the 331 responses collected from its online cookie concern reporting tool, and its next step is to write to all of the websites highlighted.

It said: “It should be noted that a significant number of the responses do not provide any intelligence that can be analysed, while a proportion also highlight websites that rely on implied consent, which is in line with the EU law.

“A progress update, including a list of all the websites contacted, will be published on our website in November, six months after the cookie concern reporting tool was established.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Google and Facebook offer free cyber-security tools

Google and Facebook offer free cyber-security tools

Google and Facebook have both launched free open-source cyber-security tools this week, designed to help security professionals spot malware and cyber-attacks.

Mixed results for key Government cyber-initiatives

Mixed results for key Government cyber-initiatives

The Government's Verify scheme to confirm IDs is behind scheuduled uptake, but its CISP threat intelligence sharing scheme is ahead of target.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...