Until a court considers this, the Commissioner's guidance sets the
recommended minimum level of compliance:
"The requirement that the user or subscriber should be 'given
the opportunity to refuse' the use of the cookie type device may be
subject to differing interpretation. At the very least, however,
the user or subscriber should be given a clear choice as to
whether or not they wish to allow a service provider to engage
in the continued storage of information on the terminal in question."
Chris
Duncan Smith <[log in to unmask]>@JISCMAIL.AC.UK> on 21/07/2004 10:41:12
Please respond to Duncan Smith <[log in to unmask]>
Sent by: This list is for those interested in Data Protection issues
<[log in to unmask]>
To: [log in to unmask]
Subject: [data-protection] Refusal of cookies
Tim,
Picking up on something in your last msg. I've changed the thread title to
avoid confusion
>>Now we get to the fun. Designing a web site where you have (effectively)
to sign a contract before you allow your IP address, browser footprint and
myriad other stuff to be left "before it is left" is an amusing technical
conundrum. Because the browser leaves a huge payload of information by the
fact of the page opening.<<
Has anyone seriously tackled the issue of PECR (6) 2 (b) ... that's the bit
that says a subscriber or user is given an opportunity to refuse the
storage
or access to (cookie like) information on their PCs.
On explaining this to clients, I know I wont have to wait long before that
'look of sheer incredulity'!
If it is unsafe to assume that all browsing individuals use a browser that
is capable of (and set) to throw up a cookie warning, then the data
controller must do it for them, right? The data controller must get
consent
BEFORE placing the data on the terminal equipment.
So perhaps this is more than an 'amusing technical conundrum', could it be
a
blatant breach of my rights as enshrined in PECR if it's not done. I
certainly know of many 'respected' organisations who use email tracking
through web beacons etc. These are clearly explained in privacy policy
links et al. but all of which can only be read AFTER the cookie has been
stored. So I was not given the opportunity to refuse.
Is this another are of the law that will go unpoliced because it is too
difficult to achieve?
Duncan
iCompli Limited Northampton UK
t: 08707 70 48 66 f: 08707 70 48 69 m: 07775 56 81 80
Mailto:[log in to unmask] Web: www.icompli.co.uk
<http://www.icompli.co.uk/>
"Compliance in your language"
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
http://www.rac.co.uk
http://www.racbusiness.co.uk
http://www.bsm.co.uk
Any opinions expressed in this e-mail are those of the individual and not necessarily the company. This e-mail and any attachments are confidential to RAC and/or BSM and are solely for use by the intended recipient.
If you are not the intended recipient you must not disclose, copy or distribute its contents to any other person nor use its contents in any way.
If you have received this e-mail in error please forward a copy of this e-mail to "[log in to unmask]".
RAC Motoring Services: Registered England 1424399
VAT Reg No. GB 238640945
British School of Motoring: Registered England 291902
VAT Reg No. GB 239505847
Registered Office(s): 1 Forest Road, Feltham, TW 13 7RR
This e-mail and any attachments has been scanned for the presence of computer viruses. RAC/BSM accept no responsibility for computer viruses once this e-mail has been transmitted.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|