ICO’s Spring 2014 #cookielaw update

The Information Commissioner’s Office, the UK government agency which polices the EU Cookie Law in the UK, has released the statistics on cookie law reports they received in the 1st quarter of 2014. Anyone sad enough to read my quarterly posts on these figures knows that this follows on from their Winter 2014, Autumn 2013, Summer 2013, Spring 2013, and 2012 aggregate reports.

During the first quarter ICO received a total of 65 submitted complaints. These 65 complaints were a rise of 13 from the winter quarter (52), a drop of 8 from the autumn quarter (73), a drop of 10 from the summer quarter (75), and a drop of 22 from the same quarter last year (87).

As always, that number does not mean that there were 65 cookie law violations or privacy issues. It simply means that they received 65 submitted complaints. In fact, the main revelation from this quarterly report is that ICO is openly admitting how many of these complaints are timewasting nonsense. In the spring report, they note

Many of the concerns received about cookies did not relate to individual sites or provide specific information about non-compliance.

And, in their usual passive aggressive style, they note that these 65 cookie law complaints stand next to the 34,530 complaints they received in that same quarter about unsolicited marketing communications alone.

ICO has a list of the 200 most visited web sites in the UK. Given the sheer amount of nonsense complaints they have to wade through because of the cookie law, they wisely prefer to focus their energies on complaints made about these 200 web sites. ICO state that they reviewed 27 of these 200 most popular sites in the spring quarter. 25 of those sites had no issues. Two have taken limited steps but are not likely to be compliant, but no further action resulted.  ICO does note that

One new frequently visited site has been referred to the PECR Enforcement Team for further consideration during this quarter. Another site has been referred on the basis it has dropped from ‘green’ to ‘amber’, due to decreased prominence of cookie information. One site moved from ‘amber’ to ‘green’ on the basis of improvements made. A further 10 sites were written to during quarter 4.

So once more the cookie law panic is reduced to a load of vexatious and nonsense complaints, and legitimate concerns about a number of sites that can be counted on one hand. The “concerns” relate to the provision of cookie information; there is no case to be proven for any breach of privacy or injuries suffered as a result of any lack of cookie law compliance.

Meanwhile, if you want to learn about a new EU law that actually does have serious consequences, buy my book on the Consumer Rights Directive.

About the author
Heather Burns is a digital law specialist in Glasgow, Scotland. She researches, writes, publishes, consults, and speaks extensively on internet laws and policies which affect the crafts of web design and development. She has been designing and developing web sites since 1997 and has been a professional web site designer since 2007. She holds a postgraduate certification in internet law and policy from the University of Strathclyde. Learn about hiring Heather to write, speak, or consult.