Websites face £500k fine for breaching 'cookie' law Firms get short amnesty to comply with new regs
26 April 2011
Any website found guilty of using technologies to track a user's browsing behaviour without their consent or sending unwanted marketing emails to consumers could face a fine of up to £500,000.
The new monetary penalty is part of raft of new powers granted to the Information Commissioners' Office (ICO) to regulate breaches of privacy regulations.
The new powers to punish unwanted marketing are granted to the ICO as part of an amendment to the UK's Privacy and Electronic Communications Regulations (PECR), which comes into force on 25th May.
Under the new PECR, any company which is found guilty of sending unwanted marketing emails to consumers or making unwanted live or automated marketing phone calls could face the fine.
The changes are required by the new European Union Electronic Communications Framework which, as well as covering unwanted marketing, also includes a new e-Privacy directive that requires website owners to obtain prior consent before installing tracking technologies, such as cookies, on a visitor's computer.
Let the Which? experts tell you how to stay safe and protect your personal details online.
What are cookies?
Cookies are small pieces of computer code which enable websites to remember users' preferences, but they can also be used for tracking consumers' browsing behaviour for targeted advertising purposes.
A new maximum fine of £500,000 will be levied in extreme cases where the new regulations have been breached, up from the £5,000 maximum available today.
The spokeswoman continued: 'The department says it will take some time for meaningful solutions to be developed, evaluated and rolled out. Therefore, we don't expect to take enforcement action against any company which has not complied with the revised directive after 25th May.
'As long as a company can show that it is working towards compliance, then they will be exempt from enforcement action in the short term.
The spokeswoman explained that, as yet, the ICO had not set out a time limit by which all companies had to comply with the directive.
Are you worried about flash cookies tracking you? Do you think it's right that websites can use Flash cookies to build up an online profile based on your browsing habits? Join the debate at Which? Conversation.
Dr Rob Reid, a senior Which? policy adviser, said: 'We welcome the fact that the ICO has been granted stronger powers to penalise businesses who ignore consumers’ wishes not to be targeted by marketing calls and emails.
'We also welcome moves to provide consumers with more transparency, choice and control over how and when they are tracked online. However, we appreciate the technical difficulties around compliance with the new Directive and we understand the government giving companies time to adjust immediately following 25th May.
'We would like to see a clearer picture of what compliance will look like and a clear timeframe within which it will be enforced. To this ends we hope to be able to work with the ICO to develop clear guidance to consumers and companies on what compliance looks like.'
To keep up with the latest technology developments, take out a trial subscription to Which? Computing
How to follow the latest Which? Tech news
Are you a Twitter user? Follow WhichTech on Twitter for regular tech tweets.
Prefer RSS? Don't miss a thing with the Which? tech RSS feed.
For just the main headlines in newsletter form, sign-up to our weekly Which? tech email.
Apple iPad 2 3G data plans compared - find the best 3G plan for your iPad
Best Android tablets round-up - we look at the best iPad alternatives around
Best cheap laptops for under £500 - find the best laptop deals