You may have already experienced the implications of this legislation when you were presented with the ‘Cookie Consent’ panel at the top of the Hooklinks site in your browser.

This is the new legislation which applies to how websites use cookies and similar technologies for storing information on a user’s equipment such as their computer or mobile device changed on 26 May 2011. Information Commissioners Office (ICO) guidance on the new cookies Regulations sets out the changes to the cookies law and explains what steps webmasters and site owners need to take now to ensure you comply. It adds to the previous advice written on 9 May 2011.

Cookies and personal data

Regulation 6 covers the use of electronic communications networks to store information, eg using cookies, or gain access to information stored in the terminal equipment of a subscriber or user.

Although devices which process personal data give rise to greater privacy and security implications than those which process data from which the individual cannot be identified, the Regulations apply to all uses of such devices, not just those involving the processing of personal data.

Where the use of a cookie type device does involve the processing of personal data, service providers will need to make sure they comply with the additional requirements of the Data Protection Act 1998 (the Act). This includes the requirements of the third data protection principle which states that data controllers must not process personal data that is excessive. Where personal data is collected, the data controller should consider the extent to which that data can be effectively processed anonymously. This is likely to be particularly relevant where the data is to be processed for a purpose other than the provision of the service directly requested by the user, for example, counting visitors to a website.

Implementing a strategy to comply with the new regulations.

Taking heed of this new regulation, I have taken the time to understand these new regulations and research the possible solutions to allow Hooklinks to comply. Having audited the site for any ‘cookies’ that get generated during a visit, steps have been taken to display the likely cookies any visitor is likely to encounter. These are shown in the Hooklinks Privacy Policy page in screen shots as audited and a full list that is generated for a logged in user.

Having carried out the audit, published the details, the next step is to provide a notice for all visitors, informing them of their rights to view the site with or without ‘cookies’. You will have experienced how this has been implemented by the addition of an integrated system that opens with a notice at the top of the browser window when you first arrive at the site.

This notice will remain in place until you make your choice and accept cookies.

If the visitor ‘accepts’ the use of cookies the notice is suppressed throughout the visit and for future return visits. By agreeing the use of cookies, this allows all cookies to be used across the Hooklinks site. You can edit your preferences at anytime by clicking on the Privacy Settings tab on the rh side of the browser.

Similar solutions can be implemented across a variety of sites and systems. If you need assistance in complying with this regulation, then do contact me for further information.