UK Cookie Enforcement Report: Relevant to Canada


On December 18, 2012, the UK Information Commissioners’ Office (ICO) issued an enforcement report on compliance with the rules regarding obtaining consent to the use of cookies and similar technologies.

North Americans accessing UK-based websites that are not distinguishing between IP addresses of EU visitors and North American users, may have noticed “cookie banners” when they visit the UK website. These “cookie banners” respond to the requirements of the Privacy and Electronic Communications (EC Directive (Amendment) Regulations of 2011, which the UK Information Commissioner’s Office began to enforce in May 2012. Typically the banner will appear at the top of the web page or float semi-transparently on the web page until closed by the visitor. The banner provides information on the use of cookies on the website, links to further information, including methods of opting out.

The ICO has helpfully provided examples of cookie banners that it considers to be compliant with the cookie rules.

The Office of the Privacy Commissioner of Canada (OPC) has made it clear in recent decisions and in its guidance on behavioural advertising that organizations must be transparent about their use of cookies and should consider alternative methods than privacy policies for explaining that cookies are being used, the purpose for their use and the ability of the website user to opt-out of tracking cookies. Although not yet in force, Canada’s Anti-Spam Legislation (CASL) provides that an organization must have express consent to install a computer program on a person’s computer. A “computer program” has been defined broadly to include a cookie. An organization will be considered to have expressly consent if the person’s conduct “is such that it is reasonable to believe” that the person has consented to the installation of the cookie.

Although the UK cookie rules are not directly applicable in Canada, organizations may consider reviewing the ICO’s enforcement report when considering revising their cookie disclosure practices in light of the OPC’s guidance and the requirements in CASL.

Tim Banks is a partner in FMC's Toronto Office. He is also the head of the Toronto Research Group, which provides reasoned opinions on litigious or potentially litigious issues.


Written by:

Published In:


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Dentons | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.