New European rules on data protection and tracking cookies will be backed in the UK by new powers for the Information...
Commissioner's Office (ICO).
The ICO has been given new auditing and investigatory powers and the authority to levy fines up to £500,000 for failing to comply with new EU data protection rules.
Despite increased enforcement powers for the ICO, companies have been granted an extension to comply with the new rules that officially come into force on 25 May.
The new EU e-privacy directive requires website operators to obtain consent from users to store tracking information known as cookies on their PCs.
The government has backed the European advertising industry's proposals to create a Europe-wide icon for behavioural advertising that clicks through to a simple mechanism which provides consumers with full transparency, allowing them to opt out through a dedicated consumer website.
But, because of the complexity of the issue, the government will not enforce the ruling while technical controls are developed, to give website operators time to work out how they are going to deal with the issue, according to the Financial Times.
Consent will be required for any cookies that are not strictly necessary for the provision of the service, and the ICO will hold website operators responsible for any failures to comply with the rule, deputy Information Commissioner David Smith told Infosecurity Europe 2011 in London.
The ICO has indicated it will issue guidance in how it will enforce its new powers before 25 May.