120119 ukgc12-cookies

•Als ODP, PDF herunterladen•

1 gefällt mir•338 views

#ukgc12 presentation on the EU cookies directive, what it means for public sector web managers and how to come with the issues raised.

Technologie

Peter McClymont Web content manager North Devon Council @iamadonut @ndevoncouncil #WeeklyBlogClub

www.ico.gov.uk www.allaboutcookies.org/ www.cookielaw.org

“ The EU Cookie Directive” Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws Text with EEA relevance

Article 3 "Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent , having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia, about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service."

The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 came into force on 26 May 2011

“...a person shall not store or gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met...” “(2) The requirements are that the subscriber or user of that terminal equipment “(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and “(b) has given his or her consent.” Regulation 6 of the Privacy and Electronic Communications Regulations 2003 (PECR)

The regulation requires: “[that] website owners … get consent in order to store or access information (including cookies) on users’ computers – unless the cookie is strictly necessary to provide a service requested by the user .” Source: ICO

Information Commissioner Enforcing body in the UK

decide on solution for gaining user's consent

manual checking of www.northdevon.gov.uk pages containing third party content using Firefox web developer tools

manual checking of webforms using Firefox web developer tools

manual checking of third party web ends – planning, payments, licensing, benefits calculator - using the Firefox web developer tools

information from third party suppliers – Northgate, Innogistic, Ovaltech, Lalpac, Civica

Name: _utma Typical content: randomly generated number Expires: 2 years Name: _utmb Typical content: randomly generated number Expires: 30 minutes Name: _utmc Typical content: randomly generated number Expires: when user exits browser Name: _utmz Typical content: randomly generated number + info on how the site was reached (e.g. directly or via a link, organic search or paid search) Expires: 6 months

Exceptions (a) for the sole purpose of carrying out the transmission of a communication over an electronic communications network; or (b) where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user. Source: ICO

Activities likely to fall within the exception ,[object Object]

Weitere ähnliche Inhalte

Was ist angesagt?

What is the new data protection regulation GDPR and why should you care? Jesp...

Exove

Evertio Schrems II

Fanny Surjana

CEE CMS Data Protection webinar series - Part 2

CMSLondon

CEE CMS Data Protection webinar series - Part 1

CMSLondon

EU-US Privacy Shield - Safe Harbor Replacement

GACC_Midwest

EU General Data Protection Regulation

Ramiro Cid

Eu rtbf criteria

Greg Sterling

GIG Working Paper 02/2017 - The Definition of Personal Data

IAB Europe

EU Cookie Directive Report On Compliance In The UK And Ireland

Krishna De

Amicus curae roskomsvoboda_echr_kharitonov case

Sarkis Darbinyan

The Privacy Advantage 2016 - Ruth Boardman

Krowdthink

Regulation (EU) 2016_679_GDPR_Overview_June 2016

John Greenwood

Was ist angesagt? (12)

What is the new data protection regulation GDPR and why should you care? Jesp...

Evertio Schrems II

CEE CMS Data Protection webinar series - Part 2

CEE CMS Data Protection webinar series - Part 1

EU-US Privacy Shield - Safe Harbor Replacement

EU General Data Protection Regulation

Eu rtbf criteria

GIG Working Paper 02/2017 - The Definition of Personal Data

EU Cookie Directive Report On Compliance In The UK And Ireland

Amicus curae roskomsvoboda_echr_kharitonov case

The Privacy Advantage 2016 - Ruth Boardman

Regulation (EU) 2016_679_GDPR_Overview_June 2016

Ähnlich wie 120119 ukgc12-cookies

Eprivacy issues and standards -- where do we stand?

Anna Long

Agenda 21 eu cookie seminar - david naylor - field fisher waterhouse

agenda21

Unlock the definitive guide to managing your online tracking technology vendors effectively. This webinar delves into a comprehensive and actionable set of best practices that every organization needs. From meticulous website scans to in-depth contract reviews, from precise consent categorization to harmonizing diverse frameworks, our checklist ensures you cover all the crucial touchpoints. Equip yourself with this essential framework and confidently navigate the complex landscape of online tracking compliance, using our step-by-step roadmap as your trusted reference. Join our panel of experts in the webinar as they equip you with the knowledge and strategies for navigating vendor relationships under CPRA.

TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...

TrustArc

Cookies and European Union Law

Reactive, part of Accenture Interactive

Marc Southern

2012-Oct: Effect of EU cookie law on US organisations

Phil Pearce

The EU ePrivacy Directive - Navigating the UK Cookie Law

Silverpop

Ico advice on_the_new_cookies_regulations_may2011

Osnat Ben-Nesher Zaretsky

Browser-based Crypto M, C. F Mondschein

Napier University

Customer data needs safe handling, and unbridled use of various data tracking technologies can hinder data security. Therefore, business owners and marketers should emphasize identifying the potential harm of using data collection technologies. Cookies have long been known to bring setbacks to global corporations. However, other technologies can also set a business on fire if not used responsibly. This handbook will focus on the cookie consent requirements for businesses that deal with the European Union and U.S. customers. Part 1: Understanding Data trackers, Consumer Data Privacy Rights, and the need for prioritizing privacy management processes within an organization. An Overview of Web Cookies Cookies are small pieces of text that websites place on user devices (smartphones, tablets, PCs.) Websites use cookies for a variety of reasons. While some cookies are ‘essential’ for a site’s functioning, others are placed on user devices for fulfilling specific purposes. The essential cookies allow the proper functioning of a website’s features (such as identifying a registered user or locking users’ language preferences.) These cookies also let playing embedded videos without affecting website speeds. On the other hand, a website can work fine without the ‘non-essential’ cookies. Websites use these cookies to gather specific information about visitors. The data collected by these cookies contain, but is not limited to: Use activity on various pages Individual’s web browsing history Users IP address Social Security Number Payment Details Types of cookies Internet cookies are classified into two categories: Based on lifespan There are two types of cookies based on their active duration on a user device (smartphone, PC, tablet.): Session Cookies: These cookies remain active on a browser until the user exits a website. The expiry time of session cookies varies for the ‘session duration’, the amount of time a user spends on a website. Persistent Cookies: These are cookies used to perform deliberate data collection even after visitors exit a website. Also known as ‘tracking’ or ‘stored’ cookies, these do not get deleted when visitors leave a website. Instead, persistent cookies can stay active on user devices for up to 2 years. There’s another type of persistent cookie called a Super Cookie. The website visitor cannot detect it as it does not land in the location where other browser cookies are stored on user devices. This type of web cookie is also notoriously hard to remove as it rebuilds upon deletion. Based on the source of origin Web cookies can originate from two kinds of sources: https://adzapier.com/cookie-consent-management

Cookie Consent and Authorized Data Collection_Mar23.pdf

Adzappier

The advent of cookies since the inception of the internet has particularly helped marketers and advertisers to cash in on much profit through online users' personal data. But this is the competitive edge that only a handful of companies can enjoy anymore. Checklist to comply with EU cookie law Display a cookie banner on a user's first visit Inform users of the cookies and their purposes. Collect users' active consent Provide users with 'accept' or 'reject' cookies button. Give users the option to opt-in to specific cookie categories. Provide detailed information – the name of the cookie provider, description, and cookie duration Give users a user-friendly option to withdraw consent. Do not use cookie walls that prevent access to the website unless the user accepts cookies. Do not use pre-ticked boxes Block third-party cookies until the user’s consent Record cookie consents for proof of compliance Do not set cookies if the user is scrolling or continuing to use a website. Cookie wall vs. paywall, what's the difference? A cookie wall is a mechanism wherein a user has no option other than to accept the processing of cookies to get access to the website. Advertisers monetize content for the user to access it by either a paid subscription or subscribing with email. This is paywall. Austrian and French DPAs have already concurred that the paywall system is valid as long as the subscription to the site gives away the content at a modest and fair cost so that users' free choice doesn't constrain. https://adzapier.com/the-cookie-consent-guide-building-a-customer-centric-brand

A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf

Adzappier

EU Cookie Directive

luis-ferro

Cookies guidance v3

Andy Ryu

International Chamber Of Commerce UK - EU Cookie Directive Guide

Krishna De

Browser ‘cookies’ are the life blood of online marketing. They tells us where our site traffic comes from, in what quantities and what it does when it gets there. But the humble Cookie is under threat from many angles. Come May 26 2012, European privacy laws come into force. All UK websites must offer users opt-in consent tools to allow cookies to pass information about browsing activities to 3rd parties. So here’s our brief and easy to read slide pack giving you an overview and highlighting options.

Greenlight digital marketing - when the digital cookie crumbles

Greenlight Digital

DMA North: Legal Update

Rachel Aldighieri

DMA North: The DMA legal update

Rachel Aldighieri

Ce hv6 module 45 privacy on the internet

Vi Tính Hoàng Nam

The DMA conference 2012

Rachel Aldighieri

Here comes the Cookie Monster

BANNER

Ähnlich wie 120119 ukgc12-cookies (20)

Eprivacy issues and standards -- where do we stand?

Agenda 21 eu cookie seminar - david naylor - field fisher waterhouse

TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...

Cookies and European Union Law

2012-Oct: Effect of EU cookie law on US organisations

The EU ePrivacy Directive - Navigating the UK Cookie Law

Ico advice on_the_new_cookies_regulations_may2011

Browser-based Crypto M, C. F Mondschein

Cookie Consent and Authorized Data Collection_Mar23.pdf

A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf

EU Cookie Directive

Cookies guidance v3

International Chamber Of Commerce UK - EU Cookie Directive Guide

Greenlight digital marketing - when the digital cookie crumbles

DMA North: Legal Update

DMA North: The DMA legal update

Ce hv6 module 45 privacy on the internet

The DMA conference 2012

Here comes the Cookie Monster

Kürzlich hochgeladen

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Neo4j

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

In an era where artificial intelligence (AI) stands at the forefront of business innovation, Information Architecture (IA) is at the core of functionality. See “There’s No AI Without IA” – (from 2016 but even more relevant today) Understanding and leveraging how Information Architecture (IA) supports AI synergies between knowledge engineering and prompt engineering is critical for senior leaders looking to successfully deploy AI for internal and externally facing knowledge processes. This webinar be a high-level overview of the methodologies that can elevate AI-driven knowledge processes supporting both employees and customers. Core Insights Include: Strategic Knowledge Engineering: Delve into how structuring AI's knowledge base is required to prevent hallucinations, enable contextual retrieval of accurate information. This will include discussion of gold standard libraries of use cases support testing various LLMs and structures and configurations of knowledge base. Precision in Prompt Engineering: Learn the art of crafting prompts that direct AI to deliver targeted, relevant responses, thereby optimizing customer experiences and business outcomes. Unified Approach for Enhanced AI Performance: Explore the intersection of knowledge and prompt engineering to develop AI systems that are not only more responsive but also aligned with overarching business strategies. Guiding Principles for Implementation: Equip yourself with best practices, ethical guidelines, and strategic considerations for embedding these technologies into your business ecosystem effectively. This webinar is designed to empower business and technology leaders with the knowledge to harness the full potential of AI, ensuring their organizations not only keep pace with digital transformation but lead the charge. Join us to map a roadmap to fully leverage Information Architecture (IA) and AI chart a course towards a future where AI is a key pillar of strategic innovation and business success.

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Earley Information Science

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

[2024]Digital Global Overview Report 2024 Meltwater.pdf

hans926745

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Sara Mae O’Brien Scott and Tatiana Baquero Cakici, Senior Consultants at Enterprise Knowledge (EK), presented “AI Fast Track to Search-Focused AI Solutions” at the Information Architecture Conference (IAC24) that took place on April 11, 2024 in Seattle, WA. In their presentation, O’Brien-Scott and Cakici focused on what Enterprise AI is, why it is important, and what it takes to empower organizations to get started on a search-based AI journey and stay on track. The presentation explored the complexities of enterprise search challenges and how IA principles can be leveraged to provide AI solutions through the use of a semantic layer. O’Brien-Scott and Cakici showcased a case study where a taxonomy, an ontology, and a knowledge graph were used to structure content at a healthcare workforce solutions organization, providing personalized content recommendations and increasing content findability. In this session, participants gained insights about the following: Most common types of AI categories and use cases; Recommended steps to design and implement taxonomies and ontologies, ensuring they evolve effectively and support the organization’s search objectives; Taxonomy and ontology design considerations and best practices; Real-world AI applications that illustrated the value of taxonomies, ontologies, and knowledge graphs; and Tools, roles, and skills to design and implement AI-powered search solutions.

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Enterprise Knowledge

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

The Raspberry Pi 5 was announced on October 2023. This new version of the popular embedded device comes with a new iteration of Broadcom’s VideoCore GPU platform, and was released with a fully open source driver stack, developed by Igalia. The presentation will discuss some of the major changes required to support this new Video Core iteration, the challenges we faced in the process and the solutions we provided in order to deliver conformant OpenGL ES and Vulkan drivers. The talk will also cover the next steps for the open source Raspberry Pi 5 graphics stack. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://eoss24.sched.com/event/1aBEx

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Igalia

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “The Role of Taxonomy and Ontology in Semantic Layers” at a webinar hosted by Progress Semaphore on April 16, 2024. Taxonomies at their core enable effective tagging and retrieval of content, and combined with ontologies they extend to the management and understanding of related data. There are even greater benefits of taxonomies and ontologies to enhance your enterprise information architecture when applying them to a semantic layer. A survey by DBP-Institute found that enterprises using a semantic layer see their business outcomes improve by four times, while reducing their data and analytics costs. Extending taxonomies to a semantic layer can be a game-changing solution, allowing you to connect information silos, alleviate knowledge gaps, and derive new insights. Hedden, who specializes in taxonomy design and implementation, presented how the value of taxonomies shouldn’t reside in silos but be integrated with ontologies into a semantic layer. Learn about: - The essence and purpose of taxonomies and ontologies in information and knowledge management; - Advantages of semantic layers leveraging organizational taxonomies; and - Components and approaches to creating a semantic layer, including the integration of taxonomies and ontologies

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Enterprise Knowledge

Kürzlich hochgeladen (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Artificial Intelligence: Facts and Myths

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Automating Google Workspace (GWS) & more with Apps Script

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Driving Behavioral Change for Information Management through Data-Driven Gree...

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Axa Assurance Maroc - Insurer Innovation Award 2024

Presentation on how to chat with PDF using ChatGPT code interpreter

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

IAC 2024 - IA Fast Track to Search Focused AI Solutions

How to Troubleshoot Apps for the Modern Connected Worker

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Boost Fertility New Invention Ups Success Rates.pdf

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Powerful Google developer tools for immediate impact! (2023-24 C)

Strategies for Landing an Oracle DBA Job as a Fresher

2024: Domino Containers - The Next Step. News from the Domino Container commu...

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

120119 ukgc12-cookies

1. The cookie monster #ukgc12

2. Peter McClymont Web content manager North Devon Council @iamadonut @ndevoncouncil #WeeklyBlogClub

3. Disclaimer

4. www.ico.gov.uk www.allaboutcookies.org/ www.cookielaw.org

5. WTF???? OMG!!!!!

6. “ The EU Cookie Directive” Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws Text with EEA relevance

7. Article 3 "Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent , having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia, about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service."

8. The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 came into force on 26 May 2011

9. “...a person shall not store or gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met...” “(2) The requirements are that the subscriber or user of that terminal equipment “(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and “(b) has given his or her consent.” Regulation 6 of the Privacy and Electronic Communications Regulations 2003 (PECR)

10. The regulation requires: “[that] website owners … get consent in order to store or access information (including cookies) on users’ computers – unless the cookie is strictly necessary to provide a service requested by the user .” Source: ICO

11. Why?

12. Information Commissioner Enforcing body in the UK

13. Up to £500,000 fine for non-compliance

14.

15. decide whether cookies are intrusive

16. decide on solution for gaining user's consent

17.

18. third party

19.

20. Persistent

21. First and third party

22.

23. manual checking of www.northdevon.gov.uk pages containing third party content using Firefox web developer tools

24. manual checking of webforms using Firefox web developer tools

25. manual checking of third party web ends – planning, payments, licensing, benefits calculator - using the Firefox web developer tools

26. information from third party suppliers – Northgate, Innogistic, Ovaltech, Lalpac, Civica

27.

28. purpose

29. lifetime

30. Name: _utma Typical content: randomly generated number Expires: 2 years Name: _utmb Typical content: randomly generated number Expires: 30 minutes Name: _utmc Typical content: randomly generated number Expires: when user exits browser Name: _utmz Typical content: randomly generated number + info on how the site was reached (e.g. directly or via a link, organic search or paid search) Expires: 6 months

31. Explaining cookies

32. Exceptions (a) for the sole purpose of carrying out the transmission of a communication over an electronic communications network; or (b) where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user. Source: ICO

33.

34. Certain cookies providing security that is essential to comply with the security requirements of the seventh data protection principle for an activity the user has requested – for example in connection with online banking services

35. Some cookies help ensure that the content of your page loads quickly and effectively by distributing the workload across numerous computers Source: ICO.

36.

37. First and third party advertising cookies

38. Cookies used to recognise a user when they return to a website so that the greeting they receive can be tailored Source: ICO.

39.

40. pop-up tick boxes

41. global consent?

42.

43.

44.

45.

46.

47. Consent may require setting a cookie (!)

48. Consent required for subsites – using third party web front ends

49.

50. Third party web front ends

51.

52. User control of cookies

53.

54. Directive 2009/136/EC PECR 2011 Cookie: flickr.com/photos/roboppy/115562673/ Credits

Hinweis der Redaktion

These are my own views and do not necessarily represent the views or policies of my employer. This presentation should be considered informal guidance and is not a representation of the law, its interpretation or enforcement.
Advice and guidance borrowed heavily from these sources
This presentation is to inform and stimulate discussion, share best practice and hopefully lead to considered viewpoints
Directive 2009/136/EC
No longer can you rely upon implied consent. If someone wants to use your website, they must given express consent that cookies or other programs or files are placed on their computer or device. Device includes mobile or tablet.
Privacy laws Protection of personal data Cookies misunderstood - must be bad - not viruses - but can be used to hoover up information Desire to police the web
Providing advice Will not enforce until 26 May 2012 to allow time to discuss with industry on compliance
Who wants to be the test case?
See the ICO site for the latest advice – date December 2011
Socitm SiteMorse others
Session and persistent cookies Cookies can expire at the end of a browser session (from when a user opens the browser window to when they exit the browser) or they can be stored for longer. The Regulations apply to both types of cookies: Session cookies – allow websites to link the actions of a user during a browser session. They may be used for a variety of purposes such as remembering what a user has put in their shopping basket as they browse around a site. They could also be used for security when a user is accessing internet banking or to facilitate use of webmail. These session cookies expire after a browser session so would not be stored longer term. For this reason session cookies may sometimes be considered less privacy intrusive than persistent cookies. Persistent cookies – are stored on a user's device in between browser sessions which allows the preferences or actions of the user across a site (or in some cases across different websites) to be remembered. Persistent cookies may be used for a variety of purposes including remembering users’ preferences and choices when using a site or to target advertising. First and third party cookies – Whether a cookie is ‘first’ or ‘third’ party refers to the website or domain placing the cookie. First party cookies in basic terms are cookies set by a website visited by the user - the website displayed in the URL window. Third party cookies are cookies that are set by a domain other than the one being visited by the user. If a user visits a website and a separate company sets a cookie through that website this would be a third party cookie.
Answers to these questions help categorise the cookies, determine whether they are intrusive and/or unnecessary and what happens if the cookie is disabled
Google Analytics cookies
Don't forget to update your privacy statement
The use of tick boxes and/or pop-ups raises usability and accessibility concerns.
The pop-up approach
The terms and conditions approach
The registration approach
The preferences approach
Both ICO and Torridge have “lost” 90% of traffic because of the pop-up banners. Other server side analytics: AW Stats
Most web users will be unaware that they can control how content is delivered and/or displayed through their web browser. For example, most modern web browsers will automatically enable Javascript to ensure that the intended functionality of web pages that deploy this common technology. Disabling Javascript is a simple task. However, many web pages use Javascript to improve functionality. If Javascript is turned off, pages may cease to function, links won’t work and so on. Because most cookies are set using Javascript, disabling Javascript will stop cookies being set on a user’s device. However, as above, many cookies are an essential part of page functionality: many pages will cease to function, links won’t work and so on. A user disabling Javascript or cookies would have access to most services offered by our website.

120119 ukgc12-cookies

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (12)

Ähnlich wie 120119 ukgc12-cookies

Ähnlich wie 120119 ukgc12-cookies (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

120119 ukgc12-cookies

Hinweis der Redaktion