In May 2011 the Information Commissioner published new guidance on cookies and announced that he would allow organisations a year-long period to work towards compliance with the new changes. Now the ICO has updated the guidance. You can download it from the panel opposite or from here.
The ICO stress that there’s no ‘one size fits all approach’; they think that organisations themselves are best placed to develop their own solutions.
In response to some of the frequently asked questions, the ICO has even put together a short YouTube video.
The guidance has been updated to clarify the following points around implied consent:
· Implied consent is a valid form of consent and can be used in the context of compliance with the revised rules on cookies.
· If you are relying on implied consent you need to be satisfied that your users understand that their actions will result in cookies being set. Without this understanding you do not have their informed consent.
· You should not rely on the fact that users might have read a privacy policy that is perhaps hard to find or difficult to understand.
· In some circumstances, for example where you are collecting sensitive personal data such as health information, you might feel that explicit consent is more appropriate.