Cookies: ICO 'all mouth, no trousers'

Information Commissioner Christopher Graham will be virtually powerless to crack down on companies which flout the EU cookie law – coming into force today – as his office simply does not have the resources to police the new legislation.
That is the stark reality according to industry sources, who claim the ICO has been “all mouth and no trousers” when it comes to enforcing the core Data Protection Act, let alone any new legislation. However, trade body the DMA claims its membership is more than ready.
Graham has been warning companies for weeks to ensure they comply with the new legislation, which is an amendment to the EU’s Privacy & Electronic Communications Directive. But yesterday, he told an ISBA conference that companies will have a year’s grace to comply before facing enforcement action. By then, it is hoped, browser-level solutions will be widespread.
Yet one source told DecisionMarketing: “There are thousands of companies which still flout the basics of the Data Protection Act but the ICO can’t track them down. What chance has it got of working out which companies are not complying with the new cookies law, when even the guidance it has given is patchy at best.”
Another data industry insider cites as evidence of the challenge ahead the fact that Graham’s office has only punished 1 per cent of data breaches since being given extra powers last year. Of the 2,565 data breaches recorded since April 2010, only 36 have resulted in a punishment, with just four resulting in a fine.
The insider said: “A couple of months ago Graham claimed a notification from the ICO was like a Mark of Cain. But that’s a joke. It’s a classic case of all mouth, no trousers. He has already admitted he will not be given any more funding to fight the cookies law, so exactly how will the ICO police this and all the other legislation it covers?”
Earlier this year, Privacy International branded the ICO “worse than incompetent” after it failed to take action against BT for leaking email addresses of suspected illegal file sharers.
Meanwhile, the DMA is urging its members and the wider industry to see the new cookies law as an opportunity to improve their websites rather than a hindrance.
DMA director of public affairs Caroline Roberts said: “The DMA welcomes the long-awaited regulations and is reassured by the government’s decision to allow businesses more time to come up with workable technical solutions before enforcement of the new law begins in the UK.
“Fortunately, our members are better prepared than most because the DMA has been briefing them for some time about the new regulations and continues to issue guidance and run workshops to enable them to develop best practice solutions.”

Cookies: ICO ‘all mouth, no trousers’

1 Trackbacks & Pingbacks