As of May 26, 2012, websites operating in the UK are required to follow a privacy rule called the “UK cookie law,” which says users must agree to share personally identifiable information with websites.

Cookies are data-carrying digital information files that help site functionality. But they’re also used to track online activity — and that information is typically sold to advertisers.

UK Cookie Law: Penalties

The law went into effect in the U.K. on May 26, 2011, but companies were given a year’s grace period to adjust.

So, what’s the punishment for breaking the UK cookie law? A fine up to 500 pounds (for the first offense).

How To Comply With The UK Cookie Law

A non-official YouTube video, “The stupid EU cookie law in 2 1/2 minutes,” explains the topic succinctly (but makes no pretense of neutrality).

The ICO’s website contains details about the Cookie Law, including an FAQ section and information about cookies.

Do U.S.-Based Companies Have To Comply With The UK Cookie Law?

In short, yes, U.S.-based companies doing business in the United Kingdom — or anywhere in the EU really — should make strides to comply with the UK Cookie Law.

If you would like to talk to an international online privacy lawyer about the standards, contact us today.