ICO warns top UK websites on cookie tracking

ICO warns top UK websites on cookie tracking

The Information Commissioner's Office (ICO) has issued warning letters to some of the UK's most visited websites, highlighting the need for changes to ensure compliance regarding cookie tracking.

The warning focuses on a website’s ability to offer users impartial options when it comes to personalised advertising tracking. Specifically, the ICO emphasises the importance of making it just as easy for users to reject advertising cookies as it is to accept them. Websites can still display ads even when users opt out of tracking, these ads must not be tailored to the individual.

Stephen Almond, the ICO Executive Director of Regulatory Risk, expressed unease about the use of personal information for targeted ads without user consent. Mr Almond cited some concerning examples regarding the use of targeted ads based on browsing history such as gambling addicts being targeted with betting offers based on their browsing record women being targeted with distressing baby advertisements following a miscarriage, and the inadvertent disclosure of a person’s sexual orientation through ads.

The letters provide these websites with a 30-day window to ensure they align with data protection laws and warn that failure to comply may lead to enforcement actions. Mr Almond stated:

‘We're giving companies who haven't managed that yet a clear choice: make the changes now, or face the consequences.’

The ICO will share an update on this initiative in January, including details of companies that have not addressed the concerns raised. This action is part of a broader effort by the ICO to uphold people's rights within the online advertising industry.

It’s very easy for companies to get cookie compliance wrong, but as the ICO is making it a clear focus, it’s a risk area which requires prioritisation. Once a company has a compliant process is in place, and relevant staff are aware of how to maintain it, cookie compliance is a relatively low resource box to tick, so it makes sense for companies to tick it sooner rather than later

Becky White, Senior Data Protection Solicitor

To avoid any potential issues and build a positive reputation among website users, we recommend businesses:

  1. Audit your cookie policies: conduct a thorough review of your website's cookie policies to ensure they align with data protection legislation (such as the Privacy and Electronic Communications Regulations) and ICO guidelines and that they are update.
  2. Update your cookie consent mechanism: make it a priority to provide users with fair and accessible choices when it comes to personalised advertising tracking. Transparency is key in building trust with your audience.  Make sure that the mechanism is effective and that the installation of (non-essential) cookies is being blocked until users have consented. 
  3. Educate your team: ensure that your team is appropriately informed about the latest developments in data protection laws. Create a process and provide training to ensure any changes to the cookies your website or app uses is reflected in your cookie policy and consent mechanism.

Our team of friendly, specialist data protection solicitors can help you implement these points with advice tailored to your business’ requirements, or for additional information, read our FAQs on cookie consent.

About our expert

Becky White

Becky White

Senior Data Protection & Privacy Solicitor
Becky is a highly experienced commercial lawyer, specialising in Data Protection and Privacy Law matters. She trained in at DAC Beachcroft in the City of London nearly 20 years ago, and then spent most of her career working in-house as the senior or sole legal adviser in a variety of sectors including Construction and Engineering, Oil and Gas, Government and Recruitment.


Our offices

A national law firm

A national law firm

Our commercial lawyers are based in or close to major cities across the UK, providing expert legal advice to clients both locally and nationally.

We mainly work remotely, so we can work with you wherever you are. But we can arrange face-to-face meeting at our offices or a location of your choosing.

Floor 5, Cavendish House, 39-41 Waterloo Street, Birmingham, B2 5PP
Stirling House, Cambridge Innovation Park, Denny End Road, Waterbeach, Cambridge, CB25 9QE
13th Floor, Piccadilly Plaza, Manchester, M1 4BT
10 Fitzroy Square, London, W1T 5HP
Harwell Innovation Centre, 173 Curie Avenue, Harwell, Oxfordshire, OX11 0QG
1st Floor, Dearing House, 1 Young St, Sheffield, S1 4UP
A national law firm

To access legal support from just £145 per hour arrange your no-obligation initial consultation to discuss your business requirements.

Make an enquiry