Cookie Law    CC-BY-SA-2.0 by Luis Ferro, 2012
EU Cookie Directive


Overview of the implementation of the EU Cookie Directive in the UK, and current recommendations.

Published in: Technology, Business
Notes
  • Those are tasty cookies, but we are referring to browser cookies, sort of... So what are they, and why a law about them?
  • Regulation of the registration and processing of personal data. Became UK law in 1998.
  • (Implementing European Directive 2002/58/EC.) The E-Privacy Directive mandates requesting consent for storing and accessing data.
  • "The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011" was introduced in the UK on 25 May 2011 and was soon named "The Cookie (monster) Law".
  • "Implied consent is a valid form of consent and can be used in the context of compliance with the revised rules on cookies." "If you are relying on implied consent you need to be satisfied that your users understand that their actions will result in cookies being set. Without this understanding you do not have their informed consent." "You should not rely on the fact that users might have read a privacy policy that is perhaps hard to find or difficult to understand." "In some circumstances, for example where you are collecting sensitive personal data such as health information, you might feel that explicit consent is more appropriate."
  • EU Cookie Directive

    1. Cookie Law. CC-BY-SA-2.0 by Luis Ferro, 2012
    2. Bake a nice Cookie! Guide to make impeccable cookies
    3. Who am I?
       • I'm a PHP Developer
       • And... IANAL!
    4. Data Protection
       • European Directive of 1995
       • Data Protection Act of 1998
       • Update of DPA of 2003
       • http://en.wikipedia.org/wiki/Data_Protection_Act_1998
    5. Regulation of Data Protection
       • Information Commissioner's Office: http://www.ico.gov.uk
       • Data Controllers: http://www.ico.gov.uk/ESDWebPages/search.asp
    6. Origins
       • The Privacy and Electronic Communications Regulations 2003
       • Directive 2009/136/EC (especially Article 5(3) of the E-Privacy Directive)
       • All EC States had until 25 May 2011 to transpose it.
       • UK transposes it on 25 May 2011
    7. The Cookie (monster) Law
    8. Why should I care? That is a simple question. And has a simple answer: Penalties – can go up to £ 500.000
    9. The Law Summarised
       • Applies to anything that runs on a user device
       • Applies to any action of storing and/or retrieving information
       • Requires informed consent
    10. The ICO Recommendations
       • Implied consent (ic)
       • Very well informed (especially if using ic)
       • Simple and direct “Cookie Policies”
       • Explicit consent (in certain cases)
    11. Steps to compliance
       • Audit
       • Inform
       • Roadmap / Plan
       • Adapt (implied / explicit consent)
    12. Techniques for compliance
       • Browser DoNotTrack
       • Geo location (ex. GeoIP)
       • Pop-ups
       • Layers
       • Plug-ins etc. (WordPress, Joomla, Drupal, etc.)
    13. Examples
    14. Examples
    15. Examples
    16. Examples
    17. Examples
    18. Examples
    19. Debate: Open debate of Cookie Law
    20. Images - attributions
       • Cook – flickr, skampy, 2510844252, license CC-BY-SA-2.0, 20120521
       • CookieMonster – flickr, Newbirth35, license CC BY-NC 2.0, 20120607
    21. References
       • Cookies
         http://www.allaboutcookies.org/manage-cookies/index.html
         http://en.wikipedia.org/wiki/HTTP_cookie
       • History
         http://en.wikipedia.org/wiki/Phorm
         http://www.zdnet.co.uk/news/security-threats/2009/02/12/ec-warns-govt-over-phorm-foot-dragging-39615480/
         http://news.bbc.co.uk/1/hi/technology/7339263.stm
       • The Laws / Guides / etc.
         http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx
         http://www.ico.gov.uk/what_we_cover/legislation.aspx
         http://www.aboutcookies.org/Default.aspx?page=3
         http://www.out-law.com/page-5486
         www.ffw.com/pdf/cookie-consent-tracking-table.pdf
         http://blogs.webtrends.com/2012/05/cookie-law-myth-busting/
         http://ie.microsoft.com/testdrive/browser/donottrack/default.html
