Businesses to comply with new website privacy laws

UK small businesses could face fines of up to £500,000 if they fail to meet tough new website privacy laws which come into force this month.

Commercial law firm EMW warns that regulation to come into effect on 25 May will mean that visitors to company websites will have to give permission for the website to download ‘cookies’, temporary computer files which gather information about the user’s online activity.

Cookies are activated by a user when they access particular pages on a site. The cookie is sent from the website to the user’s computer and remains once they leave the site. When the user returns to the site the cookie allows the website to remember their preferences and settings.

Matthew Holman, solicitor at EMW, says, ‘The effect of this change in the law will be far-reaching; any business that has a website will almost certainly use cookies at some point or other. The upcoming deadline is a wake-up call for those businesses that have not yet updated their website to gain consent from users.’

EMW explains that the old law only required businesses to give users the opportunity to ‘opt out’ and was often done by referring to the cookies in a privacy policy.

The company adds that businesses need to take three practical steps to prepare for the new rules: review what cookies are used by their website, decide on the appropriate course of action to ensure that consent is obtained for the use of cookies (ie using pop-ups or banners on the website to obtain consent), and ensure that these measures are implemented on or before the 25 May 2012.

Holman concludes, ‘The risk of a £500,000 fine for extreme infringements of the rules should send a strong message to businesses that they must be ready in time.’

Related Topics