Partner Article

Business must comply with online privacy regulations

Businesses must comply with regulation covering online privacy, or risk tough penalties for non-compliance according to Bluefin Insurance.

New changes will require web visitors to give consent for websites to download ‘cookies’ which gather information about a users online activity. This will mean that websites which count numbers of visitors of record what visitors buy will have to make major changes to their website.

Peter Castle, Executive Director at Bluefin, said: “This exposure is having the tendency to raise the risks arising from data security breach from the IT department to the boardroom as a corporate governance exposure due to the potential impact on business operations, the potential liability for fines and compensation, and the fear of reputational damage.

Most businesses currently have a tick box system to allow visitors to opt out of having cookies downloaded to their computer, but as of next month theu will need to provide much more information to allow visitors to make their own decision - or risk a fine of up to £500,000.

He continued: “Any business which runs a website will use cookies in some form, so this change will have a widespread effect and companies need to be prepared for the new law.

“Until now the responsibility for allowing the sharing of personal data lay with the web visitor, however the onus is now on the website proprietor to ensure its customers understand that this information will be downloaded by the website.

The new rules will apply to every type of cookie, except for those strictly necessary for a service requested by the user, such as when a user adds a product to their virtual shopping basket. While most businesses are clear of the role cookies play, others do not realise now widespread their use is.

From now on, websites will need to gain consent to remember the login and password details of users.

“Businesses need to carefully consider how they will implement the new regulations as there is a risk that obtaining these consents will become cumbersome to the web visitor and they may leave the site completely.” Peter added.

“Businesses need to weigh up the value of gaining certain information from a user against adversely affecting the visitor’s experience.”

This was posted in Bdaily's Members' News section by Ruth Mitchell .