Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword
Like this
2Activity
0 of .
Results for:
No results containing your search query
P. 1
Advice on the New Cookies Regulations

Advice on the New Cookies Regulations

Ratings: (0)|Views: 9|Likes:
Published by Guntis Stirna

More info:

Published by: Guntis Stirna on Jun 15, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

06/15/2011

pdf

text

original

 
 Changes to the rules on using cookies and similartechnologies for storing information
The law which applies to how you use cookies and similartechnologies for storing information on a user’s equipment such astheir computer or mobile device chang
ed
 
on
26 May 2011. Thisdocument sets out these changes and explains what steps you needto take to ensure you comply.It is aimed at those organisations which are starting to think abouthow they will comply with the new rules. It is a starting point forgetting compliant rather than a definitive guide.These changes apply to
 
storage or gaining access to informationstored, in the device of a subscriber or user. This means the use of cookies and similar technologies for storing information.
 
A cookie is a small file of letters and numbers downloaded on to adevice when the user accesses certain websites. Cookies allow awebsite to recognise a user’s device.The Regulations also apply to similar technologies for storinginformation. This could include, for example, Locally Stored Objects(commonly referred to as “Flash Cookies”).For more information see:http://www.allaboutcookies.org/ We will use the term cookies through this document to refer tocookies and similar technologies covered by the Regulations.As explained below, you will need a user’s consent if you want tostore a cookie on their device. The ICO recognises that cookiesperform a number of legitimate functions. We also recognise thatgaining consent will, in many cases, be a challenge. However, it isimportant to remember that that these rules give you theopportunity to check how well you explain how your web pageswork to the people who visit them. Complying with the new ruleswill allow you to be confident that your users have a better andclearer understanding of what you do and how you do it.
What is changing?
Version 109/05/111
 
The previous rule on using cookies for storing information was thatyou had to:
 
tell people how you use cookies, and
 
tell them how they could ‘opt out’ if they objected.Many websites did this by putting information about cookies in theirprivacy policies and giving people the possibility of ‘opting out’.This rule was set out in Regulation 6 of the Privacy and ElectronicCommunications Regulations 2003 (PECR):
6.
(1) Subject to paragraph (4), a person shall not use anelectronic communications network to store information, or to gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of  paragraph (2) are met.(2) The requirements are that the subscriber or user of that terminal equipment -(a) is provided with clear and comprehensive informationabout the purposes of the storage of, or access to, that information; and (b) is given the opportunity to refuse the storage of or access to that information
What do the new rules say?
The new requirement is essentially that cookies can only be placedon machines where the user or subscriber has given their consent.
6 (1) Subject to paragraph (4), a person shall not store or gainaccess to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met.(2) The requirements are that the subscriber or user of that terminal equipment--(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and (b) has given his or her consent.(3) Where an electronic communications network is used by thesame person to store or access information in the terminal equipment of a subscriber or user on more than one occasion, it is sufficient for 
Version 109/05/112
 
the purposes of this regulation that the requirements of paragraph (2)are met in respect of the initial use.“(3A) For the purposes of paragraph (2), consent may be signified by asubscriber who amends or sets controls on the internet browser whichthe subscriber uses or by using another application or programme tosignify consent.
 
(4) Paragraph (1) shall not apply to the technical storage of, or access to, information--(a) for the sole purpose of carrying out the transmission of acommunication over an electronic communications network; or (b) where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user.
Why is this rule changing?
The European Directive on which the Regulations are based hasbeen revised. UK law has to change to implement that changedDirective.
Does this consent rule apply to every type of cookie?
The only exception to this rule is if what you are doing is ‘strictlynecessary’ for a service requested by the user. This exception is anarrow one but might apply, for example, to a cookie you use toensure that when a user of your site has chosen the goods theywish to buy and clicks the ‘add to basket’ or ‘proceed to checkout’ button, your site ‘remembers’ what they chose on a previous page.You would not need to get consent for this type of activity.This exception needs to be interpreted quite narrowly because theuse of the phrase “strictly necessary” means its application has tobe limited to a small range of activities and because your use of thecookie must be related to the service requested by the user.Indeed, the relevant recital in the Directive on which theseRegulations are based refers to services “explicitly requested” bythe user. As a result our interpretation of this exception thereforehas to bear in mind the narrowing effect of the word “explicitly”. The exception would not apply, for example, justbecause you have decided that your website is more attractive if you remember users’ preferences or if you decide to use a cookie tocollect statistical information about the use of your website.
When are the rules changing?
Version 109/05/113

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->