EU Privacy and Communications Directive – May 26 th 2011 Matt Stannard – CTO firstname.lastname@example.org / @mattstannard
<ul><li>As of May 26 th , the EU’s Privacy and Communications Directive comes in to place – this incudes the way Cookies on websites are used. </li></ul><ul><li>This presentation covers: </li></ul><ul><li>Cookies </li></ul><ul><li>What is changing </li></ul><ul><li>Why the legislation is changing </li></ul><ul><li>What to do </li></ul>New Legislation
What are Cookies? Cookies are small files which websites can place on to a users computer to store information. This may be as simple as when they last visited a site to data relating to their personal preferences. Cookies are used by Google Analytics as a way of identifying a users journey through a web site. Cookies
Historically privacy policies contained information about what Cookies websites used and why they used these Cookies. What is Changing? Some Web Browsers would allow you to block cookies but the control a user had could be limiting. New legislation requires websites to have “positive” opt-in from the user for all Cookies. This includes Google Analytics. The one exception is for Cookies used to maintain the state of a users shopping basket.
Why Change? At a first glance the change may seem like one which could confuse the average user. However, it should deliver and give ultimate control of disclosing information to the user rather than allow a web site to make this choice. The best solution is to allow the settings to be maintained through the browser, perhaps in a similar way to the “padlock” when you visit a secure site. A cookie icon could show a user the cookies a site uses allowing them to opt-in or opt-out accordingly.
The ICO has deferred compliance for one year by which time we would expect browser based solutions to be implemented. What should I do? This does not mean we should ignore the changes. Best practice would suggest looking at what cookies you use and why . Think about whether they are necessary, what value do they add and what would the implication be if a user chose to opt-out. Decide on a way to communicate to your users what cookies are used and gain their trust and ultimately Opt In. Arrange a review with your Account Manager to review your cookies and discuss a sensible strategy.
Related Links <ul><li>http://www.ico.gov.uk Information Commissioners Office </li></ul><ul><li>ICO Press Release – Companies given 12 months to “Get their house in Order”. http://www.ico.gov.uk/~/media/documents/pressreleases/2011/enforcement_cookies_rules_news_release_20110525.pdf </li></ul><ul><li>ICO Advice on new Cookie Legislation http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/~/media/documents/library/Privacy_and_electronic/Practical_application/advice_on_the_new_cookies_regulations.pdf </li></ul>