The Cookie Law - Speaker Deck

Slide 1

Slide 1 text

THE COOKIE LAW [email protected]

Slide 2

Slide 2 text

6.—(1) Subject to paragraph (4), a person shall not use an electronic communications network to store information, or to gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met. (2) The requirements are that the subscriber or user of that terminal equipment— (a)is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and (b)is given the opportunity to refuse the storage of or access to that information. The Privacy and Electronic Communications (EC Directive) Regulations 2003

Slide 3

Slide 3 text

(3) For paragraph (2)(b) substitute “(b) has given his or her consent”. The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011

Slide 4

Slide 4 text

User Session Client Local Track & Proﬁle

Slide 5

Slide 5 text

User Session Most Preferences Shopping Basket Analytics Ad Network Behavioural Tracking/ Retargetting Social Plugins Afﬁliate

Slide 6

Slide 6 text

Remove Replace Get Consent

Slide 7

Slide 7 text

Remove

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

No content

Slide 10

Slide 10 text

Replace Flash Local Shared Objects Silverlight Isolated Storage HTML5 Local/Global/Session/ Database Storage Image Cache Browser History

Slide 11

Slide 11 text

Query Parameters Last-‐Modified: Thu, 21 May 2009 21:26:08 GMT ETag: "650a7c7523865eae0c7294aa4e7b50dd" ETags 94.13.243.217 -‐ [13/Feb/2012:14:19:57 +0000] "GET /user/themes/dilectio/ images/mright.gif HTTP/1.1" 200 390 Log Analysis

Slide 12

Slide 12 text

Javascript Fingerprinting https://panopticlick.eff.org/

Slide 13

Slide 13 text

Client Server request ad / send cookie send targeted ad request ad send tracking JS send ﬁnger print send targeted ad

Slide 14

Slide 14 text

Get Consent

Slide 15

Slide 15 text

No content

Slide 16

Slide 16 text

No content

Slide 17

Slide 17 text

No content

Slide 18

Slide 18 text

No content

Slide 19

Slide 19 text

No content

Slide 20

Slide 20 text

•Web Statistics •Google Analytics •_utmz

Slide 21

Slide 21 text

No content

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

“Although the Information Commissioner cannot completely exclude the possibility of formal action in any area, it is highly unlikely that priority for any formal action would be given to focusing on uses of cookies where there is a low level of intrusiveness and risk of harm to individuals. “