ICO guidance on cookies and similar technologies

10 July 2019


The Information Commissioners Office (ICO) has published new guidance on the use of cookies and similar technologies which are used for storing information, and accessing information stored, on a user's equipment such as a computer or mobile device.


Since the General Data Protection Regulation (GDPR) came into effect last May, there has been a great deal of interest in how it applies to cookies and similar technologies.


The rules on the use of cookies are in the Privacy and Electronic Communications Regulations (PECR), not the GDPR, however, some of PECR’s key concepts now come from the GDPR – such as the standard of consent.


If you operate an online service, such as a website or a mobile app, and need a deeper understanding of how PECR applies to your use of cookies, then you can read the new guidance on the use of cookies and similar technologies.


The new guidance, highlighted in a recent blog from the ICO, is intended to provide more clarity and certainty about how you can use cookies in your online service. The blog also clears up some of the uncertainty that has developed around cookies since last year. Read the blog to find out the facts behind the following myths:


  1. We can rely on implied consent for the use of cookies
  2. Analytics cookies are strictly necessary so we do not need consent
  3. We can use a cookie wall to restrict access to our site until users consent
  4. We can rely on legitimate interests to set cookies, so we do not need consent
  5. The ICO wants online services to stop using cookies and similar technologies