Hi Brian,

Yes, I saw your blog post earlier and I totally agree that the last thing we need

is for unis to go down various different routes in finding/attempting to  develop

solutions to this problem.  I certainly agree that the best approach is to encourage

“use of privacy-compliant browsers  and user education”, as I simply can’t see how

else a workable and practicable solution to complying with the spirit of this law

can be achieved. (Let’s forget about the letter of the law for the moment, as we

can only be sure about the meaning of that once there have been some court

cases!)

Writing a page giving some basic information about cookies in general and

the specific cookies used on that uni’s web site(s) is something that I would

suggest every uni should do, if nothing else because it shows that there is

no “lack of action” on our part if the ICO come asking.  I suspect most of us

will be copying the wording used elsewhere and just tailoring info about the

specific cookies we use (most of which can probably also be copied from

elsewhere – e.g. about Google Analytics).  So I don’t have a problem with

spending some time creating such a page myself.

I can’t be at IWMW this year (it’s in the school hols!), but look forward to seeing

the output from any collaborative contemplations regarding a whole-sector

proposal for a ‘business-friendly’ solution.  The page about cookies isn’t a solution

and it isn’t meant to be.  It’s just some information to show we like to be open

about such things.

Best wishes,

Adrian

Hi Adrian

     “Now I’d better get on and write a page about cookies for our site...!”

    And so will people at  ~160 other UK Universities and replicate work , loose benefits of collaboration, many eyes, …!

     More importantly if we want to provide the ‘business-friendly’ solution which Ed Vaizey has said the Government is looking for we need to provide a sectoral response.  The last thing we need is for University A to provide an ICO-style optin/optout box on every page whilst University B feels that encouraging use of privacy-compliant browsers  and user education is an appropriate response. 

     There is a session on Online Privacy at IWMW 2011. There is also a slot which could be used at the end of the event.  Could we come up with some proposals for how the sector should respond?  Anyone interested in getting involved in a small group to do this?

    I’ve posted some thoughts on this at:

http://ukwebfocus.wordpress.com/2011/05/26/how-should-uk-universities-respond-to-eu-cookie-legislation/

Thanks

Brian

It’s reassuring to hear that the ICO were saying yesterday that “Organisations and

businesses that run websites aimed at UK consumers are being given up to 12

months to ‘get their house in order’ before enforcement of the new EU cookies

law begins”.

Not that this means we can all forget about it for 12 months of course, as the same

ICO press release goes on to say:  “So we’re giving businesses and organisations

up to one year to get their house in order. This does not let everyone off the hook.

Those who choose to do nothing will have their lack of action taken into account

when we begin formal enforcement of the rules.”

So the approach of adding something general to terms and conditions / privacy

policy pages now, while then taking time to think through the most appropriate

course of action according to our own use of cookies seems a very sensible one

to me.

Now I’d better get on and write a page about cookies for our site...!

Best wishes,
Adrian

Hi Claire

       As I have just mentioned on Twitter I have published a survey of the privacy settings for the 20 UK Russell Group University Web sites: see http://ukwebfocus.wordpress.com/2011/05/24/privacy-settings-for-uk-russell-group-university-home-pages/

    I used the W3C Privacy Dashboard – a FireFox extension – for the survey.

    Note that Dave Raggett, the developer, will be talking about privacy issues at IWMW 2011, to be held at the University of Reading on 26-27 July – see http://iwmw.ukoln.ac.uk/iwmw2011/

    I’d be interested to hear if anyone is planning to provide a machine-readable statement of their privacy policies.

Brian

Hi all

Has anyone done anything in particular in response to the changes to the rules on using cookies and similar technologies for storing information from the ICO?

http://www.ico.gov.uk/~/media/documents/library/Privacy_and_electronic/Practical_application/advice_on_the_new_cookies_regulations.pdf

We were going to update and add to our privacy policy in terms of what cookies we use and why, and that’s about it for now.

Useful article: http://www.pcpro.co.uk/news/enterprise/367198/ico-browser-settings-not-enough-for-cookies-law

“The ICO said it will issue "separate guidance" on how it plans to enforce the new regulations, but stressed it would only investigate websites after receiving a complaint, and then will merely require sites to show they have a "realistic plan to achieve compliance".”

Cheers

C.

--------------------------------------------------------------

Claire Gibbons | Senior Web and Marketing Manager | Marketing and Communications

University of Bradford | BD7 1DP | E: [log in to unmask]">[log in to unmask] | T: 01274 236529

http://www.bradford.ac.uk  | http://twitter.com/BradfordUni |

www.youtube.com/UniversityOfBradford | http://www.wildwestyorkshire.com

British Science Festival comes to Bradford, Sept 2011: http://blogs.brad.ac.uk/bsf/

-------------------------------------------------------------