In internet parlance, a cookie is a scrap of code that websites drop onto your machine to store information about users. They are in commonplace use and extremly useful. For instance, when a website remebers you the next time you visit, that is the work of a cookie. As with all technology though, needless to say, they can be used maliciously too.
When the new regulation came into force, the ICO (Information Commissioner’s Office) offered a one year moratorium to firms to comply. That free pass has now expired and the ICO is writing to organisations asking for proof that they have complied.
eBay and Amazon have been contacted, as have Apple, the BBC, Department for Transport, Google, HSBC, John Lewis, Lloyds TSB, the Met Office, Microsoft, the National Lottery, Network Rail, the NHS, Sainsburys, Scottish Government, Tesco, the Cabinet Office, Virgin Media and Yahoo. The ICO has provided a full list here.
The organisations have been given 28 days to provide proof of compliance or explain how they will move to compliance. The letter from the ICO reads:
“If your organisation has not yet achieved compliance, please provide an explanation about why it has not been possible to comply within time, a clear timescale for when compliance will be achieved, and details of specifically what work is being done to make that happen.”