SlideShare a Scribd company logo

Cookie Policy Verfication Framework

Download as PPSX, PDF
S
sitemorse

Example of the Cookie Policy, verification framework we have developed - alongside both regulators and key member bodies.

1 of 21
Site Review A review and benchmark of the XYZ website. Scoring the level of cookie compliance* taking the consumer view. *Based on sensible interpretation of the current legal COOKIEREPORTS frame work around UK informed consent. 1
With the confusion around the current cookies Its being done – our agency provided it? law, its important to have a independent view for any site that’s is owned or operated for Unfortunately not all agencies are best placed you – allowing you to be confident in your for cookie auditing – we often find 30-70% brands position. more. Most do not have the appropriately skilled resources or technology in place (often Regulatory action is directly time relying on free tools). consuming, costly – indirectly it can be far more damaging in terms of losing trust and We are independent and have probably the negativity associated. delivered more cookie solutions than most – its all we do! If not more important, rather than the impact of regulatory action – is ensuring that It’s you and your brand that’s penalized if you are seen to be open and transparent. there are errors or omissions - what's essential is accuracy and efficiency. Typically we can audit, categorise and provide cookies Cookies are not considered as ‘bad’ in the reporting within hours – mutli site estates, can main, most are comfortable – offer simple be delivered in a couple of days, including clarity will ensure the confidence for your language and regulatory localization. visitor's. INTRODUCTION COOKIEREPORTS 2
EXAMPLE ….. A pretty good starting point. With probably 3 days of work focused on improving clarity, more visitor friendly information and better reporting the site would be considerably improved. On the cookies page there seem to be errors limiting site function. YOUR SUMMARY COOKIEREPORTS 3
0 2 4 6 8 10 3 Navigation 0 2 4 6 8 10 5 Function 5 4 6 0 2 4 6 8 10 3 7 2 Policy 2 8 0 2 4 6 8 10 1 1 9 Cookie Detail 0 10 0 2 4 6 8 10 1.9 1 Opt in / Opt out options Overall Rating COOKIEREPORTS 4
COOKIES REPORTED ‘V’ AUDIT FOUND COOKIEREPORTS 5
Category Found Reported Necessary These cookies are important to the underlying operation of the website, supporting important functionality such as shopping baskets and supporting the technical operation of the website to ensure the website performs how you would 8 0 expect. No personal identifiable data is collected with these types of cookies. Site experience These cookies are used to support your experience on our site and include display options and login areas. No personally identifiable data is collected with these types of cookies. 10 0 Performance & operation These cookies are used in the management of the site and include customer survey's, recording visitor numbers and other web analytics. Limited anonymous identifiable data is collected. 16 0 Marketing, anonymous cross site tracking These cookies are used to track our customers across our websites. This can be used to build up a profile of search and/or browsing history for every customer. Identifiable or unique data may be collected, however any stored information is anonymous and not logged against an identifiable profile or customer. Any anonymous activity recorded *25+ 0 may be reused by 3rd parties. Marketing, targeted advertising These cookies are used to track browsing habits and activity. We use this information to enable us to show you relevant/personalised marketing content. Using these types of cookies, we may collect personally identifiable 42 0 information and use this to display targeted advertising and/or share this data with 3rd parties for the same purpose. Any activity tracked and recorded using these cookies maybe sold to 3rd parties. *in total over 90 cookies were found on the site (abc.site.com) XXXX operates across numerous COOKIEREPORTS subdomains & requires further investigation to complete site mapping / cookies detail.
RESULTS BROKEN DOWN COOKIEREPORTS 7
0 2 4 6 8 10 3 Navigation As this report is based on the requirements for a UK managed and delivered website, the first (and arguably a key) requirement is to Improvement suggestions provide ‘clear navigation’ to your cookies statement / policy. (Not offered as part of the free summary) A site should clearly inform a visitor that it users cookies no matter 1. Point one what page of the site you arrive at or what device you are using to connect to the site. 2. Point two 3. Point three Two navigation options have been cited as both appropriate and ‘within requirements, these are; Graphical icon / device or a Text 4. Point four link. Where a text link is used, it should be clearly visible, if combined with a selection of links (say in a top navigation) it should be identified by a different color, font type or size. It should not be below the page fold. COOKIEREPORTS 8
0 2 4 6 8 10 5 Function Next stage down from the ‘front page’ navigation is it’s function. Generally speaking the more complicated the navigation the more Improvement suggestions prone to error or problems it will be. (Not offered as part of the free summary) Key areas are; 1. Point one 1. Are there any accessibility constraints? 2. Point two 2. Does the navigation unnecessarily interfere with the user 3. Point three journey? 3. Does it function on all pages of the site? 4. Point four 4. Is it functionality that is limited on public access devices? 5. Does it work when redirects are followed? A common navigation choice is a test bar at the very top of the page – its important to check that this will not compromise your search indexing and results. COOKIEREPORTS 9
0 2 4 6 8 10 2 Policy In looking at the policy and perhaps the only area of the report that can be considered as subjective is reading and reviewing of the Improvement suggestions content and explanation text of the policy. (Not offered as part of the free summary) The areas that we feel are important for any policy are; 1. Point one 1. Contact details – who to contact with any questions (email 2. Point two suggested)? 2. Date of the audit – demonstrate that you have audited your 3. Point three site, if externally even better as it offers the visitor confidence 4. Point four and a level of openness, building trust. 3. Opt out for LSO / Flash based cookies – does the policy offer support for this? 4. Clearing of cookies – does the policy offer detail, by browser of how this can be achieved? COOKIEREPORTS 10
0 2 4 6 8 10 1 Cookie Detail After many hundreds of thousands of audits, we now have a very comprehensive data set of pretty much all cookies. We have Improvement suggestions examined the cookies with this allowing us to create hopefully a (Not offered as part of the free summary) very consumer focused categorisation – we also have another key element to look at the likely privacy impact, that of each cookies 1. Point one 'density of use’. 2. Point two These categories (groups) are as clear as we believe possible (they have been defined by leading industry experts and were the result 3. Point three of checking many thousands of sites and looking at the detail of all 4. Point four cookies found (3rd Party predominantly). The categories (groups) reflect the potential level of privacy intrusion the visitor. We are comparing the detail reported on a site, against what’s been discovered. If a site doesn’t provide the basic detail of the cookies (name etc) then it can not claim to offer any level of ‘informed’ consent, as the basis a visitor has to make a decision is that of being informed – and with no information they are clearly not. COOKIEREPORTS 11
0 2 4 6 8 10 1 Opt in / Opt out options Its not in anyway sufficient to rely on 3rd parties who set cookies to offer a suitable mechanism to opt out their cookies. Most are Improvement suggestions cumbersome to use (perhaps intentionally) and to date the solutions (Not offered as part of the free summary) offered by collective bodies seem to operate with sporadic success. 1. Point one You should also offer a visitor a method of removing your (any) cookies from their device (covered in more detail within the policy 2. Point two review and check). 3. Point three Finally and essentially but so far limited across sites we have checked 4. Point four – the opt out method should actually work. For countries where opt-in has been taken as the legal requirement, we review the site before and after opt-in. COOKIEREPORTS 12
FURTHER READING COOKIEREPORTS 13
We have a book covering a great deal of the questions you may be asking, for a printed version please contact us. Its also available to download @ http://www.cookiereports.com/do wnload/journeybook COOKIEREPORTS 14
On request; • extracts from ICO discussions • the latest updated from the EU. Presentation is @ http://misc.cookiereports.com/CookieR eports_Deloitte_Event.ppsx COOKIEREPORTS 15
ABOUT US COOKIEREPORTS 16
• UK owned and operated company • Presence in UK, FI, DK, DE, AT • Our own unique IP and methodology • No VC, bank or external funding • Only service to be independently certified • UK member body & partners include; COOKIEREPORTS 17
Who have we worked together with? Most recently…. COOKIEREPORTS 18
Lawrence Shaw Cookie Reports Limited +44 207 183 0733 +44 7739 700 676 lshaw@cookiereports.com CONTACT COOKIEREPORTS 19
This material is proprietary to Cookie Reports Limited and has been furnished on a confidential and restricted basis. Cookie Reports Limited hereby expressly reserves all rights, without waiver, election or other limitation to the full extent permitted by law, in and to this material and the information contained therein. Any reproduction, use or display or other disclosure or dissemination, by any method now known or later developed, of this material or the information contained herein, in whole or in part, without the prior written consent of Cookie Reports Limited is strictly prohibited. COPYRIGHT COOKIEREPORTS 20
This document is offered as an overview and a starting point only – it should not be used as a single, sole authoritative guide. You should not consider this as legal guidance. The services provided by Cookie Reports Limited is based on an audit of the available areas of a website at a point in time. Sections of the site that are not open to public access or are not being served (possibly be due to site errors or downtime) may not be covered by our reports. Where matters of legal compliance are concerned you should always take independent advice from appropriately qualified individuals or firms. DISCLAIMER COOKIEREPORTS 21

Recommended

Cookie
CookieCookie
CookieSamit Kumar Kapat
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basicssanjoysanyal
 
Introduction to HTTP protocol
Introduction to HTTP protocolIntroduction to HTTP protocol
Introduction to HTTP protocolAviran Mordo
 
Advantages and disadvantages of multimedia
Advantages and disadvantages of multimediaAdvantages and disadvantages of multimedia
Advantages and disadvantages of multimediaIslamia university of bahawalpur
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)Gurjot Singh
 
EU cookie law - What you need to know
EU cookie law - What you need to knowEU cookie law - What you need to know
EU cookie law - What you need to knowCrafted
 
Cookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for youCookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for youKWD Webranking
 
Cookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for you Cookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for you Comprend
 

Recommended

Cookie
CookieCookie
CookieSamit Kumar Kapat
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basicssanjoysanyal
 
Introduction to HTTP protocol
Introduction to HTTP protocolIntroduction to HTTP protocol
Introduction to HTTP protocolAviran Mordo
 
Advantages and disadvantages of multimedia
Advantages and disadvantages of multimediaAdvantages and disadvantages of multimedia
Advantages and disadvantages of multimediaIslamia university of bahawalpur
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)Gurjot Singh
 
EU cookie law - What you need to know
EU cookie law - What you need to knowEU cookie law - What you need to know
EU cookie law - What you need to knowCrafted
 
Cookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for youCookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for youKWD Webranking
 
Cookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for you Cookies and the EU privacy directive: what it means for you
Cookies and the EU privacy directive: what it means for you Comprend
 
4Ps Cookies Legislation
4Ps Cookies Legislation4Ps Cookies Legislation
4Ps Cookies LegislationEllie_4Ps
 
What Is Evercookie and Why You Should Avoid It for Privacy’s Sake
What Is Evercookie and Why You Should Avoid It for Privacy’s SakeWhat Is Evercookie and Why You Should Avoid It for Privacy’s Sake
What Is Evercookie and Why You Should Avoid It for Privacy’s SakePiwik PRO
 
Cookies Update
Cookies UpdateCookies Update
Cookies Update4Ps Marketing
 
4 ps cookies
4 ps cookies4 ps cookies
4 ps cookies4Ps Marketing
 
GDPR Cookies Policy
GDPR Cookies PolicyGDPR Cookies Policy
GDPR Cookies PolicyGDPR Privacy Policy
 
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdfA-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdfAdzappier
 
DMA Cookies update
DMA Cookies updateDMA Cookies update
DMA Cookies updateRachel Aldighieri
 
E Commerce Analytics Demandware
E Commerce Analytics DemandwareE Commerce Analytics Demandware
E Commerce Analytics Demandwareloripelletier
 
Cookies: A brief Introduction
Cookies: A brief IntroductionCookies: A brief Introduction
Cookies: A brief IntroductionHTS Hosting
 
eBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
eBusiness Club "Demystifying the EU Cookie Law presentation, GeldardseBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
eBusiness Club "Demystifying the EU Cookie Law presentation, GeldardsJon Egley
 
Aprobar el examen de google analytics ruben velasco
Aprobar el examen de google analytics ruben velascoAprobar el examen de google analytics ruben velasco
Aprobar el examen de google analytics ruben velascoRubén Velasco García
 
Web Tracking in cyber security and network security
Web Tracking in cyber security and network securityWeb Tracking in cyber security and network security
Web Tracking in cyber security and network securityHRJEETSINGH
 
Cookies: HTTP state management mechanism
Cookies: HTTP state management mechanismCookies: HTTP state management mechanism
Cookies: HTTP state management mechanismJivan Nepali
 
Cookie Law (Dwf 190511)
Cookie Law (Dwf 190511)Cookie Law (Dwf 190511)
Cookie Law (Dwf 190511)RobertMachin
 
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...kalichargn70th171
 
Cookies
CookiesCookies
CookiesMarc Southern
 
Cookies and European Union Law
Cookies and European Union LawCookies and European Union Law
Cookies and European Union LawReactive, part of Accenture Interactive
 
Example cookie compliance audit
Example cookie compliance auditExample cookie compliance audit
Example cookie compliance auditPhil Pearce
 
Tech4Africa Google Workshop 1
Tech4Africa Google Workshop 1Tech4Africa Google Workshop 1
Tech4Africa Google Workshop 1Sarah Blake
 
Cookies: best practice September 2012 by Fedelma Good, Barclays
Cookies: best practice September 2012 by Fedelma Good, BarclaysCookies: best practice September 2012 by Fedelma Good, Barclays
Cookies: best practice September 2012 by Fedelma Good, Barclaystheidm_quals
 

More Related Content

Similar to Cookie Policy Verfication Framework

4Ps Cookies Legislation
4Ps Cookies Legislation4Ps Cookies Legislation
4Ps Cookies LegislationEllie_4Ps
 
What Is Evercookie and Why You Should Avoid It for Privacy’s Sake
What Is Evercookie and Why You Should Avoid It for Privacy’s SakeWhat Is Evercookie and Why You Should Avoid It for Privacy’s Sake
What Is Evercookie and Why You Should Avoid It for Privacy’s SakePiwik PRO
 
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdfA-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdfAdzappier
 
E Commerce Analytics Demandware
E Commerce Analytics DemandwareE Commerce Analytics Demandware
E Commerce Analytics Demandwareloripelletier
 
Cookies: A brief Introduction
Cookies: A brief IntroductionCookies: A brief Introduction
Cookies: A brief IntroductionHTS Hosting
 
eBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
eBusiness Club "Demystifying the EU Cookie Law presentation, GeldardseBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
eBusiness Club "Demystifying the EU Cookie Law presentation, GeldardsJon Egley
 
Aprobar el examen de google analytics ruben velasco
Aprobar el examen de google analytics ruben velascoAprobar el examen de google analytics ruben velasco
Aprobar el examen de google analytics ruben velascoRubén Velasco García
 
Web Tracking in cyber security and network security
Web Tracking in cyber security and network securityWeb Tracking in cyber security and network security
Web Tracking in cyber security and network securityHRJEETSINGH
 
Cookies: HTTP state management mechanism
Cookies: HTTP state management mechanismCookies: HTTP state management mechanism
Cookies: HTTP state management mechanismJivan Nepali
 
Cookie Law (Dwf 190511)
Cookie Law (Dwf 190511)Cookie Law (Dwf 190511)
Cookie Law (Dwf 190511)RobertMachin
 
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...kalichargn70th171
 
Example cookie compliance audit
Example cookie compliance auditExample cookie compliance audit
Example cookie compliance auditPhil Pearce
 
Tech4Africa Google Workshop 1
Tech4Africa Google Workshop 1Tech4Africa Google Workshop 1
Tech4Africa Google Workshop 1Sarah Blake
 
Cookies: best practice September 2012 by Fedelma Good, Barclays
Cookies: best practice September 2012 by Fedelma Good, BarclaysCookies: best practice September 2012 by Fedelma Good, Barclays
Cookies: best practice September 2012 by Fedelma Good, Barclaystheidm_quals
 

Similar to Cookie Policy Verfication Framework (20)

4Ps Cookies Legislation
4Ps Cookies Legislation4Ps Cookies Legislation
4Ps Cookies Legislation
 
What Is Evercookie and Why You Should Avoid It for Privacy’s Sake
What Is Evercookie and Why You Should Avoid It for Privacy’s SakeWhat Is Evercookie and Why You Should Avoid It for Privacy’s Sake
What Is Evercookie and Why You Should Avoid It for Privacy’s Sake
 
Cookies Update
Cookies UpdateCookies Update
Cookies Update
 
4 ps cookies
4 ps cookies4 ps cookies
4 ps cookies
 
GDPR Cookies Policy
GDPR Cookies PolicyGDPR Cookies Policy
GDPR Cookies Policy
 
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdfA-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf
A-Z Guide to Cookie Consent and Cookie Laws Around the World.pdf
 
DMA Cookies update
DMA Cookies updateDMA Cookies update
DMA Cookies update
 
E Commerce Analytics Demandware
E Commerce Analytics DemandwareE Commerce Analytics Demandware
E Commerce Analytics Demandware
 
Cookies: A brief Introduction
Cookies: A brief IntroductionCookies: A brief Introduction
Cookies: A brief Introduction
 
eBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
eBusiness Club "Demystifying the EU Cookie Law presentation, GeldardseBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
eBusiness Club "Demystifying the EU Cookie Law presentation, Geldards
 
Aprobar el examen de google analytics ruben velasco
Aprobar el examen de google analytics ruben velascoAprobar el examen de google analytics ruben velasco
Aprobar el examen de google analytics ruben velasco
 
Web Tracking in cyber security and network security
Web Tracking in cyber security and network securityWeb Tracking in cyber security and network security
Web Tracking in cyber security and network security
 
Cookies: HTTP state management mechanism
Cookies: HTTP state management mechanismCookies: HTTP state management mechanism
Cookies: HTTP state management mechanism
 
Cookie Law (Dwf 190511)
Cookie Law (Dwf 190511)Cookie Law (Dwf 190511)
Cookie Law (Dwf 190511)
 
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...
A Comprehensive Guide to Cookie Management Using HeadSpin's Cutting-Edge Remo...
 
Cookies
CookiesCookies
Cookies
 
Cookies and European Union Law
Cookies and European Union LawCookies and European Union Law
Cookies and European Union Law
 
Example cookie compliance audit
Example cookie compliance auditExample cookie compliance audit
Example cookie compliance audit
 
Tech4Africa Google Workshop 1
Tech4Africa Google Workshop 1Tech4Africa Google Workshop 1
Tech4Africa Google Workshop 1
 
Cookies: best practice September 2012 by Fedelma Good, Barclays
Cookies: best practice September 2012 by Fedelma Good, BarclaysCookies: best practice September 2012 by Fedelma Good, Barclays
Cookies: best practice September 2012 by Fedelma Good, Barclays
 

Cookie Policy Verfication Framework

  • 1. Site Review A review and benchmark of the XYZ website. Scoring the level of cookie compliance* taking the consumer view. *Based on sensible interpretation of the current legal COOKIEREPORTS frame work around UK informed consent. 1
  • 2. With the confusion around the current cookies Its being done – our agency provided it? law, its important to have a independent view for any site that’s is owned or operated for Unfortunately not all agencies are best placed you – allowing you to be confident in your for cookie auditing – we often find 30-70% brands position. more. Most do not have the appropriately skilled resources or technology in place (often Regulatory action is directly time relying on free tools). consuming, costly – indirectly it can be far more damaging in terms of losing trust and We are independent and have probably the negativity associated. delivered more cookie solutions than most – its all we do! If not more important, rather than the impact of regulatory action – is ensuring that It’s you and your brand that’s penalized if you are seen to be open and transparent. there are errors or omissions - what's essential is accuracy and efficiency. Typically we can audit, categorise and provide cookies Cookies are not considered as ‘bad’ in the reporting within hours – mutli site estates, can main, most are comfortable – offer simple be delivered in a couple of days, including clarity will ensure the confidence for your language and regulatory localization. visitor's. INTRODUCTION COOKIEREPORTS 2
  • 3. EXAMPLE ….. A pretty good starting point. With probably 3 days of work focused on improving clarity, more visitor friendly information and better reporting the site would be considerably improved. On the cookies page there seem to be errors limiting site function. YOUR SUMMARY COOKIEREPORTS 3
  • 4. 0 2 4 6 8 10 3 Navigation 0 2 4 6 8 10 5 Function 5 4 6 0 2 4 6 8 10 3 7 2 Policy 2 8 0 2 4 6 8 10 1 1 9 Cookie Detail 0 10 0 2 4 6 8 10 1.9 1 Opt in / Opt out options Overall Rating COOKIEREPORTS 4
  • 5. COOKIES REPORTED ‘V’ AUDIT FOUND COOKIEREPORTS 5
  • 6. Category Found Reported Necessary These cookies are important to the underlying operation of the website, supporting important functionality such as shopping baskets and supporting the technical operation of the website to ensure the website performs how you would 8 0 expect. No personal identifiable data is collected with these types of cookies. Site experience These cookies are used to support your experience on our site and include display options and login areas. No personally identifiable data is collected with these types of cookies. 10 0 Performance & operation These cookies are used in the management of the site and include customer survey's, recording visitor numbers and other web analytics. Limited anonymous identifiable data is collected. 16 0 Marketing, anonymous cross site tracking These cookies are used to track our customers across our websites. This can be used to build up a profile of search and/or browsing history for every customer. Identifiable or unique data may be collected, however any stored information is anonymous and not logged against an identifiable profile or customer. Any anonymous activity recorded *25+ 0 may be reused by 3rd parties. Marketing, targeted advertising These cookies are used to track browsing habits and activity. We use this information to enable us to show you relevant/personalised marketing content. Using these types of cookies, we may collect personally identifiable 42 0 information and use this to display targeted advertising and/or share this data with 3rd parties for the same purpose. Any activity tracked and recorded using these cookies maybe sold to 3rd parties. *in total over 90 cookies were found on the site (abc.site.com) XXXX operates across numerous COOKIEREPORTS subdomains & requires further investigation to complete site mapping / cookies detail.
  • 8. 0 2 4 6 8 10 3 Navigation As this report is based on the requirements for a UK managed and delivered website, the first (and arguably a key) requirement is to Improvement suggestions provide ‘clear navigation’ to your cookies statement / policy. (Not offered as part of the free summary) A site should clearly inform a visitor that it users cookies no matter 1. Point one what page of the site you arrive at or what device you are using to connect to the site. 2. Point two 3. Point three Two navigation options have been cited as both appropriate and ‘within requirements, these are; Graphical icon / device or a Text 4. Point four link. Where a text link is used, it should be clearly visible, if combined with a selection of links (say in a top navigation) it should be identified by a different color, font type or size. It should not be below the page fold. COOKIEREPORTS 8
  • 9. 0 2 4 6 8 10 5 Function Next stage down from the ‘front page’ navigation is it’s function. Generally speaking the more complicated the navigation the more Improvement suggestions prone to error or problems it will be. (Not offered as part of the free summary) Key areas are; 1. Point one 1. Are there any accessibility constraints? 2. Point two 2. Does the navigation unnecessarily interfere with the user 3. Point three journey? 3. Does it function on all pages of the site? 4. Point four 4. Is it functionality that is limited on public access devices? 5. Does it work when redirects are followed? A common navigation choice is a test bar at the very top of the page – its important to check that this will not compromise your search indexing and results. COOKIEREPORTS 9
  • 10. 0 2 4 6 8 10 2 Policy In looking at the policy and perhaps the only area of the report that can be considered as subjective is reading and reviewing of the Improvement suggestions content and explanation text of the policy. (Not offered as part of the free summary) The areas that we feel are important for any policy are; 1. Point one 1. Contact details – who to contact with any questions (email 2. Point two suggested)? 2. Date of the audit – demonstrate that you have audited your 3. Point three site, if externally even better as it offers the visitor confidence 4. Point four and a level of openness, building trust. 3. Opt out for LSO / Flash based cookies – does the policy offer support for this? 4. Clearing of cookies – does the policy offer detail, by browser of how this can be achieved? COOKIEREPORTS 10
  • 11. 0 2 4 6 8 10 1 Cookie Detail After many hundreds of thousands of audits, we now have a very comprehensive data set of pretty much all cookies. We have Improvement suggestions examined the cookies with this allowing us to create hopefully a (Not offered as part of the free summary) very consumer focused categorisation – we also have another key element to look at the likely privacy impact, that of each cookies 1. Point one 'density of use’. 2. Point two These categories (groups) are as clear as we believe possible (they have been defined by leading industry experts and were the result 3. Point three of checking many thousands of sites and looking at the detail of all 4. Point four cookies found (3rd Party predominantly). The categories (groups) reflect the potential level of privacy intrusion the visitor. We are comparing the detail reported on a site, against what’s been discovered. If a site doesn’t provide the basic detail of the cookies (name etc) then it can not claim to offer any level of ‘informed’ consent, as the basis a visitor has to make a decision is that of being informed – and with no information they are clearly not. COOKIEREPORTS 11
  • 12. 0 2 4 6 8 10 1 Opt in / Opt out options Its not in anyway sufficient to rely on 3rd parties who set cookies to offer a suitable mechanism to opt out their cookies. Most are Improvement suggestions cumbersome to use (perhaps intentionally) and to date the solutions (Not offered as part of the free summary) offered by collective bodies seem to operate with sporadic success. 1. Point one You should also offer a visitor a method of removing your (any) cookies from their device (covered in more detail within the policy 2. Point two review and check). 3. Point three Finally and essentially but so far limited across sites we have checked 4. Point four – the opt out method should actually work. For countries where opt-in has been taken as the legal requirement, we review the site before and after opt-in. COOKIEREPORTS 12
  • 14. We have a book covering a great deal of the questions you may be asking, for a printed version please contact us. Its also available to download @ http://www.cookiereports.com/do wnload/journeybook COOKIEREPORTS 14
  • 15. On request; • extracts from ICO discussions • the latest updated from the EU. Presentation is @ http://misc.cookiereports.com/CookieR eports_Deloitte_Event.ppsx COOKIEREPORTS 15
  • 17. UK owned and operated company • Presence in UK, FI, DK, DE, AT • Our own unique IP and methodology • No VC, bank or external funding • Only service to be independently certified • UK member body & partners include; COOKIEREPORTS 17
  • 18. Who have we worked together with? Most recently…. COOKIEREPORTS 18
  • 19. Lawrence Shaw Cookie Reports Limited +44 207 183 0733 +44 7739 700 676 lshaw@cookiereports.com CONTACT COOKIEREPORTS 19
  • 20. This material is proprietary to Cookie Reports Limited and has been furnished on a confidential and restricted basis. Cookie Reports Limited hereby expressly reserves all rights, without waiver, election or other limitation to the full extent permitted by law, in and to this material and the information contained therein. Any reproduction, use or display or other disclosure or dissemination, by any method now known or later developed, of this material or the information contained herein, in whole or in part, without the prior written consent of Cookie Reports Limited is strictly prohibited. COPYRIGHT COOKIEREPORTS 20
  • 21. This document is offered as an overview and a starting point only – it should not be used as a single, sole authoritative guide. You should not consider this as legal guidance. The services provided by Cookie Reports Limited is based on an audit of the available areas of a website at a point in time. Sections of the site that are not open to public access or are not being served (possibly be due to site errors or downtime) may not be covered by our reports. Where matters of legal compliance are concerned you should always take independent advice from appropriately qualified individuals or firms. DISCLAIMER COOKIEREPORTS 21