Its not the legislation that’s at fault, a bad Privacy statement will put people off as do endless disclaimers, surely the problem is in the hands of the website. I have been to the BBC website on many occasions and remember clicking on the cookie bar but now it is not a problem, I have made my informed decision and moved on. Just because some websites make a pigs ear of how they do the cookie pop-up doesn’t mean that it’s a disaster. They should all learn from good practice and make it work for the consumer.
Chris
Chris Tinsley | Information Management Officer, GreenSquare Group
tel: 01249 466112 | [log in to unmask] | Methuen Park, Chippenham SN14 0GU
GreenSquare incorporates Oakus, OCHA, Sparrow, Tidestone, and Westlea Housing
housing people, building communities
www.greensquaregroup.com
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Ian Griffiths
Sent: 01 October 2012 00:06
To: [log in to unmask]
Subject: Re: [data-protection] Friday food for thought - Cookies
Case in point - http://natgeotv.com/uk/
You'll get a cookie pop up with no 'yes please go away' setting'.
If you ignore it, it'll pop up again.
If you ask for more information you'll get this page -
http://natgeotv.com/uk/cookies
...in which you'll have the cookies listed, amongst others, __utma, _gig_llp, pbwmaj6, dyncdn, ucid and many more, none of which the vast majority of people will have a clue what any of them are.
Now tell me this is good legislation.
Ian
----- Original Message -----
From: "Ian Griffiths" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Saturday, September 29, 2012 11:58 PM
Subject: Re: [data-protection] Friday food for thought - Cookies
> Again, I don't see that a user of the internet needs to know about how
> cookies work. My mum shops online, she cares about her privacy but she
> doesn't want or need to understand the process sufficiently well in order
> to shop. The vast majority of browsing public have a right to have their
> privacy protected but shouldn't therefore be required to educate
> themselves with what is going on. The manufacturer of my car wasn't
> required by law to have me understand how an engine works and I'm glad
> they weren't, a high level understanding of the fact I get in and it goes
> is enough for me.
>
> The pretence is fine - people should make informed decisions about the
> amount of information they disclose online.
>
> The problem is that if a site takes the view that the user should be
> consulted about all cookie storage - then they have to ask the user
> whether they want to store cookies or not.
>
> Should the user say yes - all is (relatively) fine - you store their
> answer, you use cookies, the site behaves as normal.
>
> Should the user say no - you can't store the no answer anywhere. You
> can't set a cookie because that option has just been removed from you.
> You can't log something on IP or user agent (browser) because those are
> shared. You therefore need to ask people each time they go there whether
> they want cookies or not, and each time they need to tell you know,
> because there is no persistence in the answer implicit in the protocol and
> the legislation has forbade you to integrate any.
>
> Even if they say yes and you silence the question in the short term, that
> yes answer will not be returned if they use a different device or if after
> a time the cookie is removed or expired.
>
> So you end up asking them the question lots of times regardless of how
> they answer. Which is annoying.
>
> Then you ask the question of what is being stored anyway. If you're
> authenticating a user, you're probably storing their username and some
> other things relating to the session. All of which is provided by the
> user, and therefore can be conditionally supplied subject to principle 1.
> You might even go so far as assuming that them having provided a username
> permits you to refer to them with that name and the fact they want some
> relationship with your web site permits you to administer that
> relationship. I would imagine most people understand that if they supply
> a username, the site will use it as part of their authentication to that
> site.
>
> I think its very dangerous that there is somewhat of a lack of
> understanding across a lot of camps, and that translates in to poorly
> drafted legislation and vague guidance.
>
> I'm all for privacy but please, employ someone with a grasp of the
> technical issues.
>
> Ian
>
>
>
>
> ----- Original Message -----
> From: "Sandeep Das" <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: Saturday, September 29, 2012 5:04 AM
> Subject: Re: [data-protection] Friday food for thought - Cookies
>
> I never said that the consumer is educated. I said that there is a need to
> make him/her educated
>
> And I would question why this legislation is annoying
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the list
> owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your
> needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
GreenSquare comprises
GreenSquare Group Limited | An Industrial and Provident Society with charitable status number 30386R | Registered Office: Barbury House, Stonehill Green, Swindon SN5 7HB
Oakus Estates Limited | Registered as a private limited company in England & Wales number 3861414 | Registered Office: Barbury House, Stonehill Green, Swindon SN5 7HB
Tidestone Limited | Registered as a private limited company in England & Wales number 3861419 | Registered Office: Barbury House, Stonehill Green, Swindon SN5 7HB
Oxford Citizens Housing Association Limited | An Industrial and Provident Society with charitable status 12305R | Registered Office: 244 Barns Road, Oxford OX4 3RW
G W Sparrow and Co Ltd | Registered as a private limited company in England & Wales number 01971730 | Registered Office: 5 Cobham Centre, Westmead Industrial Estate, Westlea, Swindon SN5 7UJ
Westlea Housing Association Limited | An Industrial and Provident Society with charitable status number 28095R | Registered Office: Methuen Park, Chippenham SN14 0GU
GreenSquare Community Housing | An Industrial and Provident Society with charitable status number 31476R | Registered Office: Barbury House, Stonehill Green, Swindon SN5 7HB
Follow us on Twitter:
twitter.com/greensquareavon | twitter.com/greensquaremard | twitter.com/greensquareisis
Find us on Facebook:
fb.com/GreenSquareAvon | fb.com/GreenSquareMarden | fb.com/GreenSquareIsisArea
This e-mail (including any attachments) has been scanned for viruses. It is intended only for the recipient(s) named above. It may contain confidential or privileged information and should not be read, copied or otherwise used by any other person. If you are not a named recipient, please contact the sender or email [log in to unmask] and destroy the original message.
Please consider the environment before printing.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|