The May 26th UK deadline for compliance to the EU ePrivacy Directive has come and gone.
The result? Confusion among eBusiness executives. Some action. Some sites are informing us of what they are doing. Many aren’t. And a last minute refresh of compliance guidance from the Information Commissioners Office.
The ICO has been steering UK organizations toward compliance for a while, though this steering has been frustratingly vague. But to give credit where credit is due, it released a last-minute guide, which is actually very helpful. Rather than reproduce the content here, I encourage you to read this blog post and download the PDF linked on the page.
The ICO has been taking an admirably pragmatic approach to compliance. The latest document sets out definitions of "implied consent," "session," and "persistent" cookies (among other things) as well as delivering some useful tips on how to inform consumers, even looking at the style of language needed. It's a real shame for UK sites that this guidance was issued at literally the eleventh hour. But as many UK sites have still yet to take any action, this guidance will still be helpful.
The situation in the rest of Europe is also beginning to become clearer.