The Information Commissioner’s Office has published advice (pdf) aimed at providing advice to businesses running web sites on how to comply with incoming ‘cookie’ laws which come in force on the 26th of May.
"You will need a user’s consent if you want to store a cookie on their device," said the ICO advice relating to browser cookies stored on computers in order to collect statistics or store settings.
"The ICO recognises that cookies perform a number of legitimate functions. We also recognise that gaining consent will, in many cases, be a challenge," they added.
Businesses have less than three weeks to implement the changes to come into compliance with the new laws. Calling the changes a "challenge" is putting it mildly, and will have wide ranging ramifications for constantly annoying cookie requests or reduced functionality as sites simply opt not to offer customised settings.
Yet such site specific cookies are merely the tip of the iceberg. The ICO document was particularly vague when it comes to third-party cookies, something which is implemented by a vast array of web sites as part of third party advertising networks.
In a guidance document littered with vague statements, the ICO admitted that third-party cookies would be the "most challenging area in which to achieve compliance with the new rules."
"We are working with industry and other European data protection authorities to assist in addressing complexities and finding the right answers," the ICO advice stated.