For the past two years I have written a post every quarter detailing the statistics on EU Cookie Law complaints received and processed by the the Information Commissioner’s Office, the UK data protection authority which oversees the law in the UK. They have now released the Q1 2015 statistics, several months late, after some nagging web law writer had to ask them to update their stats page.
For the first quarter of 2015 ICO received 39 cookie law complaints. This is a drop of 40% from Q1 2014.
As they have now done for the past year and a half, the number was accompanied by a statement reporting the invalidity of many of the complaints:
It is important to note that many of the concerns we received about cookies did not relate to individual sites or provide any information about specific instances of non-compliance.
And as always, they note how many complaints they received about other matters compared to cookies:
In the same period, individuals used our website to report 37,561 concerns about unwanted marketing communications.
None of the 39 cookie law complaints generated any enforcement or action. No UK complaints filed to date have.
This week I wrote a two-part series on the costs of the EU Cookie law across the continent. The first dealt with the projected user and implementation costs, and the second dealt with revenue raised from penalty fines. The latter post explains why there was no point in releasing aggregated annual reports about the law in the UK after 2012.
On a personal note I am currently reading a book about the construction industry blacklist which ICO helped to break. ICO barely have the resources to track down and inform the thousands of men and women who were put under grotesque personal surveillance from the 1960s up until just a few years ago, and blacklisted in some cases from ever working again, for doing things as innocuous as complaining about an unsafe building site. To be honest, I have to put the book down a lot because it hurts too much. What has been done to these people further reinforces the absurdity of any data protection authority having to divert precious resources to investigating small businesses’ use of analytics cookies simply because an ill-advised directive told them to do so.
UK EU cookie law reports 2012-2015
|April – June 2012||258|
|July – September 2012||226|
|October – December 2012||114|
|January – March 2013||87|
|April – June 2013||75|
|July – September 2013||73|
|October – December 2013||53|
|January – March 2014||65|
|April – June 2014||38|
|July – September 2014||34|
|October – December 2014||43|
|January – March 2015||39|
About the author
Heather Burns is a digital law specialist in Glasgow, Scotland. She researches, writes, publishes, consults, and speaks extensively on internet laws and policies which affect the crafts of web design and development. She has been designing and developing web sites since 1997 and has been a professional web site designer since 2007. She holds a postgraduate certification in internet law and policy from the University of Strathclyde. Learn about hiring Heather to write, speak, or consult.