Cookies - free while stocks last
Jinfo Blog
27th May 2011
Item
Well the great European cookie crumble has now started, and all the signs are that it’s turning out to be a bit half-baked. But as LinkedIn tackles its own cookie security crisis, the big issue for web managers and compliance officers is likely to be the uncertainty of it all.
The new European rules came into force on 25 May; by then all member states were supposed to have brought in legislation requiring providers to seek users’ consent when deploying cookies. They’re part of a much wider global security drive (more LiveWire background here) – including, for example, a European proposal that mobile phone data showing where you are should be subject to strict privacy rules.
Back at the cookie counter, though, the new rules don’t quite cover all varieties. Cookies directly related to use of a service (like remembering what language a customer likes to use or what’s in their shopping basket) are exempt.
But even with this concession, it seems that only a handful of countries have toed the line and legislated in time. According to the Register newsletter 19 out of the 27 EU members have ignored the deadline and are thus now breaking European law, leading Digital Agenda Commissioner Neelie Kroes to threaten dire consequences if they don’t get a move on.
Britain is one of the good guys – but its Information Commissioner Christopher Graham has nevertheless said that he will give United Kingdom websites a whole year to comply. And in an open letter, Culture Secretary Ed Vaizey has actually told website owners that they don’t necessarily have to seek permission before they plant the cookies; the legislation says nothing about the consent being “prior” – meaning, Vaizey opines, that consent could be given after or during processing.
It sounds as if the lawyers could have a field day with this. Indeed, FreePint has already received a plug from a PR company acting for law firm Thomas Eggar saying that the Information Commissioner’s advice has been “pitched at a relatively basic level” and hinting that things could get complicated if the current uncertainties persist.
Meanwhile, flushed with success at its initial public offering, LinkedIn is facing its own cookie problems. Following a blog post from technology geek Rishi Narang that cookies planted by LinkedIn could allow personal accounts to be hijacked by someone with evil intent, LinkedIn has announced that it will dramatically reduce the lifespan of its authentication cookies (from 12 months to 90 days, the Register reports).
If there’s one thing worse than having to deal with new regulation, it’s having to deal with uncertainty. Where cookies are concerned, it looks as if there could be plenty of both for some time to come.
- Blog post title: Cookies - free while stocks last
- Link to this page
- View printable version
From information retrieval to integrated intelligence - with Dow Jones
23rd January 2025
AI contracting and licensing; Strategic information managers; End-user training
10th December 2024
- Jinfo Community session (TBC - Mar 2025) (Community) 20th March 2025
- Jinfo Community session (TBC - Feb 2025) (Community) 25th February 2025
- From information retrieval to integrated intelligence - with Dow Jones (Community) 23rd January 2025