Hello
It's really about individual organisation's appetite for risk. The latest guidance from the ICO (pdf at http://bit.ly/sMSUvk ) specifically covers analytics cookies in the very last section. See below with my emphasis using *'s.
John
We only use analytical cookies – if nobody consents that will seriously restrict the amount of information we can get to improve and develop our website
The Regulations do not distinguish between cookies used for analytical activities and those used for other purposes. We do not consider analytical cookies fall within the ‘strictly necessary’ exception criteria. This means *in theory* websites need to tell people about analytical cookies and gain their consent.
*In practice* we would expect you to provide clear information to users about analytical cookies and take what steps you can to seek their agreement. This is likely to involve making the argument to show users why these cookies are useful. Although the Information Commissioner cannot *completely* exclude the possibility of formal action in any area, it is *highly unlikely* that priority for any formal action would be given to focusing on uses of cookies where there is a low level of intrusiveness and risk of harm to individuals. *Provided clear information* is given about their activities we are *highly unlikely* to prioritise first party cookies used only for analytical purposes in any consideration of regulatory action.
****************************************************************
website: http://museumscomputergroup.org.uk/
Twitter: http://www.twitter.com/ukmcg
Facebook: http://www.facebook.com/museumscomputergroup
[un]subscribe: http://museumscomputergroup.org.uk/email-list/
****************************************************************
|