ICO to use AI to test website cookie compliance

ICO to use AI to test website cookie compliance

Continuing its robust efforts to address compliance issues with cookie tracking on websites, The Information Commissioner's Office (ICO) is set to use artificial intelligence to help identify non-compliant websites. So far, its warnings have focused on a website’s ability to offer users impartial options around personalised advertising tracking, emphasising the importance of making it just as easy for users to reject advertising cookies as it is to accept them.  

In December 2023, the data protection regulator issued warning letters to 100 of the UK's most visited websites requesting them to make changes to give users free choices around advertising cookies. 

The regulator expects all websites which deploy advertising cookies or similar technologies to give people a fair choice on their use. To this end, the regulator is now exploring adopting an AI solution to drive its enforcement action further.  

The ICO stated: 

We will not stop with the top 100 websites. We are already preparing to write to the next 100 – and the 100 after that. To accelerate our efforts, we are developing an AI solution to help identify websites using non-compliant cookie banners. We’ll run a ‘hackathon’ event early in 2024 to explore what this AI solution might look like in practice.

How these potential enforcement tools will be rolled out in practice remain to be seen. However, what is clear that the ICO has warned of its continuing powers to clampdown on non-compliant businesses. As such, now is the time for businesses to get their houses in order and ensure compliance with cookie law rules.  

Becky White, our Senior Data Protection Solicitor, comments: 

It’s very easy for companies to get cookie compliance wrong, but as the ICO is making it a clear focus, it’s a risk area which requires prioritisation. Once a company has a compliant process is in place, and relevant staff are aware of how to maintain it, cookie compliance is a relatively low resource box to tick, so it makes sense for companies to tick it sooner rather than later

To avoid any potential issues and build a positive reputation among website users, we recommend businesses: 

Audit your cookie policies: conduct a thorough review of your website's cookie policies to ensure they align with data protection legislation (such as the Privacy and Electronic Communications Regulations) and ICO guidelines and that they are update. 

Update your cookie consent mechanism: make it a priority to provide users with fair and accessible choices when it comes to personalised advertising tracking. Transparency is key in building trust with your audience.  Make sure that the mechanism is effective and that the installation of (non-essential) cookies is being blocked until users have consented.  

Educate your team: ensure that your team is appropriately informed about the latest developments in data protection laws. Create a process and provide training to ensure any changes to the cookies your website or app uses is reflected in your cookie policy and consent mechanism. 

In summary, now is the time for your website to get on top of cookie law compliance. The ICO’s continuing clampdown is a grave warning to businesses to take compliance seriously.  

If the ICO’s proposed AI solution is developed to identify non-compliant cookie banners, it may be that the regulator accelerates its enforcement and penalises businesses quicker.  

A lot of businesses find cookie banners and cookie law compliance difficult to navigate practice. However, prevention is always better than cure and it is far better to achieve compliance now rather than face the threat of regulatory action against your business. Our team of friendly, specialist data protection solicitors can help you implement these points with advice tailored to your business’ requirements, or for additional information, read our FAQs on cookie consent

What next?

Please leave us your details and we’ll contact you to discuss your situation and legal requirements. There’s no charge for your initial consultation, and no-obligation to instruct us. We aim to respond to all messages received within 24 hours.

Your data will only be used by Harper James Solicitors. We will never sell your data and promise to keep it secure. You can find further information in our Privacy Policy.

Our offices

A national law firm

A national law firm

Our commercial lawyers are based in or close to major cities across the UK, providing expert legal advice to clients both locally and nationally.

We mainly work remotely, so we can work with you wherever you are. But we can arrange face-to-face meeting at our offices or a location of your choosing.

Head Office

Floor 5, Cavendish House, 39-41 Waterloo Street, Birmingham, B2 5PP
Regional Spaces

Stirling House, Cambridge Innovation Park, Denny End Road, Waterbeach, Cambridge, CB25 9QE
13th Floor, Piccadilly Plaza, Manchester, M1 4BT
10 Fitzroy Square, London, W1T 5HP
Harwell Innovation Centre, 173 Curie Avenue, Harwell, Oxfordshire, OX11 0QG
1st Floor, Dearing House, 1 Young St, Sheffield, S1 4UP
White Building Studios, 1-4 Cumberland Place, Southampton, SO15 2NP
A national law firm

To access legal support from just £145 per hour arrange your no-obligation initial consultation to discuss your business requirements.

Make an enquiry