UK businesses are rejecting the latest internet marketing regulations according to new research by KPMG. One month before the regulations become law a massive 95% of firms claim they have not yet complied with new EU cookies law – internet marketing regulation that extends the nature of data protection to cover cookies that track certain types of consumer behaviour. Our suspicions are that among small SMEs, the number could be even higher. And the UK is not alone…
A KPMG study found about 95% of UK internet companies have yet to comply with new data protection rules due to come into force next month, limiting the use of tracking cookies, despite offenders potentially facing fines of up to £500,000.
Last year, the Information Commissioner’s Office (ICO) gave UK companies a year to get into line with the EU regulations, which require them to obtain consent before placing a cookie on a user machine.
Yet just five percent of the 55 major organisations surveyed by KPMG had got their websites up to scratch, indicating few are worried about repercussions, or understand the dangers of non-compliance.
The ICO has the ability to fine companies up to £500,000 if it believes an infraction is serious enough.
“With less than 50 days to go before enforcement, our analysis has found that the majority of UK organisations still need to complete substantial work to their websites. Time is running out for them so they need to act to avoid severe financial penalties,” said Stephen Bonner, a partner in the Information Protection and Business Resilience business team at KPMG.
The ICO said it was clear many websites still have much work to do. “We are almost at the end of the year long lead in period and it is vital that organisations start demonstrating that they are moving towards becoming compliant,” a spokesperson said.
“The ICO continues to work with the Department for Culture, Media and Sport as well as other industry bodies including the Internet Advertising Bureau and website operators to help websites in the UK become complaint with the new changes brought in by the amended Privacy and Electronic Communications Regulations.