The Information Commissioner’s Office is targeting 75 of the UK’s most popular websites – including those run by Tesco, Amazon, Sainsbury’s, and John Lewis – asking for proof within 28 days that they are moving towards compliance with the EU’s new cookie law.
The full list also includes Apple, the BBC, Department for Transport, eBay, Google, HSBC, Lloyds TSB, the Met Office, Microsoft, the National Lottery, Network Rail, the NHS, Scottish Government, the Cabinet Office, Virgin Media and Yahoo.
The e-Privacy directive finally became enforceable on 26 May – following 12-months’ grace – although last week it was revealed that most government sites would miss the deadline.
A letter sent out by the ICO reads: “Our expectation is that you will now be able to demonstrate the action your organisation has taken to comply with the revised rules for cookies.
“If your organisation has not yet achieved compliance, please provide an explanation about why it has not been possible to comply within time, a clear timescale for when compliance will be achieved, and details of specifically what work is being done to make that happen.”
The companies have been given 28 days to provide this information to the Information Commissioner.
It is also highlighted that the ICO has a range of options available to it to take formal action, where companies cannot prove that they are working towards compliance within reasonable timeframes, including possible fines of up to £500,000.
Cookie consent ‘still baffles firms’
Govt sites to miss cookie deadline
90% of consumers back cookie law
DMA: Use cookie law to build trust
ICO tool to report cookie miscreants
Cookies law to cost UK firms £10bn
Cookie laws rocked by mass boycott