Monday, June 18th, 2012
Article 3 of 3 – 1/3 posted 11 June 2012, 2/3 posted 13 June 2012 as part of Hanne & Co’s EU Privacy Series
Unless you can avoid using cookies altogether or unless you fall in to the exceptions from the new law requirements to (1) provide clear and comprehensive information about any cookies you are using; and, (2) obtain consent (the “Requirements”) (see page 12 of the ICO Guidance Download) (the “Guidance”), it is advisable that to take the following pre-set-up steps:
1. Check what type of cookies you use and how you use them;
2. Assess how intrusive your cookie usage is for each cookie;
3. Decide what solution to obtain consent;
6. Take legal advice.
In view of practical and technological constraints to instigating sophisticated consent mechanisms, the Guidance acknowledges that attaining implied consent is maybe more practical than the explicit opt-in model , however, it also states how “explicit consent might allow for regulatory certainty”. It is clear that the more effort put in to satisfying Requirement (1), the more likely implied consent shall suffice for opt-in consent.
1. Tell people that the cookies are there;
2. Explain what the cookies are doing;
3. Obtain consent to store a cookie on a user’s device; and,
Hanne & Co can help to provide you with the following:
(1) Suggested wording for a cookie warning message to be placed on your site;
(3) Advice and guidance on how best you can utilise these to meet the current legal obligations on a website owner; and,
(4) Undertake a review of any existing contracts you have with third party providers (or update company template precedent agreements) to ensure that you secure their commitment and agreement to be compliant with the law on cookies thereby reducing your risk.
By Commercial Consultant,Yvonne Morris.