It may be that you would rather sit on your hands and carry on with business as usual than spend substantial sums on complying with requirements that are not currently being enforced.
This is a risky approach. It’s true that the ICO in the UK has not issued any fines in relation to non-compliance of cookie regulation…yet! The consensus is that fines are not far away with a number of organisations under investigation for breaking cookie regulation. The ICO has issued the largest fines of all European countries for other breaches of GDPR regulation (search BA and Marriott GDPR fines). The evidence suggests that when the ICO does bare its teeth – it bites hard! These are sizeable fines, but they pale into insignificance when you consider the reputational and brand damage.
DPAs in other European countries including Belgium, France and Portugal have all issued fines for cookie regulation breaches. Guidelines and clarification statements have been issued by most DPAs across Europe – so there is a distinct feeling that the party is over!
But the biggest risk to organisations choosing to do nothing is automated policing technology. The same underlying technology that enables a company to deliver compliance faster at lower cost and with less disruption, is available to DPAs to enable policing and enforcement. Delivered through an automated intelligent Risk Profiling Engine (RPE), it delivers policing prioritisation based on risk and continuous learning.
So, if you choose a non-compliance strategy in relation to cookies, you had better keep looking over your shoulder.
Deploying a CMP doesn’t have to be time consuming or expensive. Take the first steps with our Navigator service./ Navigator Service