Tues, 12 June 2012 | Tristan Neagle, founder and director of Just Recruitment Websites
On 26 May 2012, the Information Commissioner’s Office (ICO) started to enforce the revised EU e-Privacy Directive (AKA 'The EU Cookie Law').
In a nutshell, this is what’s changed:
The reason for the change is sound: it aims to tackle certain privacy concerns about the way cookies are used on websites, including their ability to enable targeted marketing.
Importantly, this means the new EU e-Privacy Directive is not limited to cookies alone as it also includes “any similar technologies”. However, the new legislation has been incorrectly dubbed “The EU Cookie Law” which is confusing and has led many to believe that the law applies to cookies only.
Furthermore, businesses that fully comply with the new law may lose visitors or severely limit the functionality of their website. Ironically, this will disadvantage them against companies that choose to ignore the law or those that take a more relaxed attitude towards compliance.
Due to the potential costs and business risks involved, response to the legislation has been mixed. In summary though, website owners are left with three main options:
•Option 1 is to do nothing, deliberately contravene the new law and to wait and see how the situation unfolds before investing the resources necessary to deal with the legislation.
•Option 2 is to take a moderate amount of action, which would put the business in a defensible position should any action or investigation take place. For some websites, this could take the form of so-called ‘implied consent’ – a solution which the ICO has recently confirmed as a possible route for compliance.
The maximum penalty for breaking the new EU e-Privacy Directive stands at £500,000. However, many industry professionals have been sceptical about whether it will be practical or possible to enforce the law and the ICO itself has stated that financial penalties are a long way off.
Nevertheless, enforcement is well underway with the ICO initially choosing to write to 50 of the UK’s busiest websites to ask for information about what steps have been taken.
To date, it appears that the vast majority of websites (including most of the UK’s 20 largest recruitment websites) have yet to respond to the new law. Reed and Guardian Jobs are notable exceptions, both choosing to implement an ‘Implied Consent’ solution. However, many other websites appear to have taken little (or no) direct action.
Nevertheless, the situation is changing day by day as the ICO begins to enforce the new law and more companies unveil their solution on this difficult issue. As such, all recruitment website owners are urged to make an immediate and conscious decision relating to the new legislation.