We received 195 concerns about cookies via our website in the previous financial year (April 2016 to March 2017). In that period we received 167,018 concerns about nuisance calls, text messages and emails. It is important to note that many of the concerns we received about cookies did not relate to individual sites or provide any information about specific instances of non-compliance.

Concerns reported about cookies via the ICO website


Our approach is to focus on sites that are doing nothing to raise awareness of cookies, or get their users’ consent, particularly those visited most in the UK. However, we have maintained a consumer threat level of ‘low’ in this area due to the very low levels of concerns reported by members of the public.

When consumers raise their concerns with us, we either conduct our own compliance check or write to the organisation concerned asking for an explanation about their compliance. We have written to 418 organisations since October 2012 (as of 4 July 2017), specifically about compliance with the cookie rules.

We also continue to investigate individual cases where we believe failure to comply with cookie rules has led to personal data not being processed in compliance with the Data Protection Act 1998.

We published the above information on 13 July 2017.