Since many of those "companies" are non-UK I would guess the answer would be "?".

The ICO has to appear to be "being busy", "enforcing" and "having a clue"..the reality is very very different :)

Why am I reminded about the explanation of the internet being a bunch of tubes from some US senator?

My generation will be happier when these dinosaurs are extinct!

Since many of those "companies" are non-UK I would guess the answer would be "?".

Not quite as simple as it might seem on the surface.

Note that many of those non-UK companies are listed by what appears to be a UK holding company name like Yahoo UK, etc. which means that they must comply.

Except that they choose to pay what taxes they pay ..outside the UK..

Were the decision to chase them for compliance based upon where they were "fiscally domiciled" ( as accepted by UK HMRO and HMCE ) it would make a little more sense..not much but a "little" :)

Also sending it to such as the BBC who were in total compliance from "day 1" and verification of such "compliance" would have take a mere 5 minute "browser visit" by the ICO...the "if" in "If your organisation has not yet achieved compliance" would have been made totally redundant..and the postage cost and secretarial time involved in the drafting and sending of that letter saved for the UK taxpayer :)

But then had the ICO only sent letters to those who were not "complying", they would not have appeared to be "looking busy" "enforcing" and "having a clue" in the eyes of the general public..

They don't care about their image with us , any more than they care about actual compliance by those who are really doing the intrusive tracking that the laws were drawn up to rein in ..

Either the ICO are trying to ignore the "Elephant in the room"..( Google and their "personalisation" tracking via analytics, history , doubleclick etc ) and pass the responsibility off on webmasters who use Google's products ..( one must remember the influence of Google goes to the very top in UK politics..so they can have laws and their enforcement "tailored" to suit them )..or the ICO genuinely don't have a clue..

The problem is, having read the ICO statements and seen their "interviews", it is very difficult to decide whether they have been told what to do by politicians who wish to make others ( small webmasters) responsible for the "elephant crap" and the personalisation tracking/ stalking by Google..or if they genuinely don't have a clue, but are blowing smoke and spinning mirrors to the IT illiterate ( of which they may well be part ) until their pensions fall due, or they can get jobs with those whom they are supposed to be protecting the voters from..

The abrupt career changes of certain ex members of the FTC charged with investigating Google in the USA come to mind..perhaps the ICO are hoping to be offered such career enhancing opportunities before the heat gets turned up on the Elephant..if it ever does..so much more simple, to make some distracting and camouflaging smoke, roasting some webmasters over third party cookies in the legislative barbecue..

The Cookie directive is a load of crap IMHO, because it solves a problem that was already solved. Every modern browser provides ways to configure and deal with cookies.

On the contrary it makes thing worse. I automatically clear all cookies when I close my browser.

Which means I will get a nag screen asking me if I am willing to accept cookies every single time I want to access a website.

Now I have to wait for the first "Auto Confirm Cookie" Firefox add on.

The main problem as I see it, is that many users will soon decide to only use sites that don't nag them about cookies. Which means the ICO has inadvertently achieved the opposite of what it aimed for. It was stupid to start, it will soon become even more ridiculous.

Why is this always called the "EU cookie law"? It is a EU directive about privacy, the UK lawmakers made this cookie nonsense out of it. And now that they notice that it may not have been a good idea after all, they blame it on the EU (again), like all the national politician in Europe like to do it.

Cookies that are strictly necessary are exempt and an implicit agreement is all that is needed, for example session cookies for an add to basket.

Analytics, however might not be argued as strictly necessary.

So you can run a site without an annoying nag screen, but you can't spy on your users too much

"Officials in Europe this week are hoping to set clearer rules for online advertisers with new guidelines that are supported by the continent’s leading digital privacy agencies."

And after the Lord Mayor's Show...

"... an audit by KPMG found 80 percent of UK firms failed to follow ..." the cookies law. As few as that? My bank seems to have got around it by showing a (deletable) message when I log in saying, "Read about cookies" - and that's it.

Ref:
[threatpost.com...]

Seems to me SO FAR, this has all setteld down. Most large sites are displaying some sort of message about cookies now, and most viewers are totally confused and just ignore the message.

What a total waste of everyone's time. And the law-enforcers on this matter, whoever they are, have absolutely no idea if sites are conforming or not. They are now in the position of having to examine the law and work out if sites in general are conforming or not. And that is concentrating their minds on just how stupid the law-makers have been.

>concentrating their minds on just how stupid the law-makers have been.

I don't know the lawmakers can even see that.
It's the law enforcement agency, ICO, which has to deal with it, and they are the ones that see it.