The issue concerns the automatic placing of cookies on a user’s mobile device when accessing the ICO’s website. Being automatically used essentially deprives users of the option to give consent, which is in breach of Privacy and Electronic Communications Regulations 2003, which sit alongside GDPR.
This discrepancy comes on the heels of an inspection by the European Data Protection Supervisor (EDPS) into the websites of ten major EU institutions and public bodies. This inspection revealed where it was found that seven out of those ten had data protection issues and were either non-compliant with the ePrivacy Directive or failed to follow EDPS guidelines.
The irony hasn’t been neglected by users though who have begun doubting that there is a compliant tool to use in their GDPR efforts.