Cookie legislation
STARTING POINTS
In Article 5. 3 of the EU Directive on Privacy and Electronic Communications states:
"Member States shall ensure that the use of electronic communications networks to store information or to obtain access to information stored in a subscriber's or user's terminal equipment is only allowed on condition that the subscriber or user is given clear and adequate information, including about the purpose of treatment in accordance with Directive 95/46/EC and the right to refuse the controller such treatment. This shall not prevent any technical storage or access to information if the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network or as strictly necessary to provide an information society, the subscriber or user wants. "
It is this background which provides a framework for IT and Telecom Agency implementation of new legislation on publishers' liability for storing data on computers and mobile phones. Draft Order can be found at Borger.dk
INDUSTRY CAN STILL DO WHAT THE WISH
FDIM held an informative event on Wednesday, 16.03. at law firm Horten. The speakers are placed in general a positive view of the forthcoming legislation, as the Internet industry still has exactly the same as they already do / can do today. The only difference is that the industry must tell consumers about it. EuroPark example is already highlighted in some media [ Comon ], but I think Poul Melbye (from JP / Pol) also had an excellent point about consumers who walked down the street. What would the consumer seems to have put a chip on itself by Copenhagen Rådshusplads who registered the shops (and goods) each looked at the way and then at King's Square had been approached about the jacket they had looked to be available to a given offers. In this case it is probably fair to inform the user of the chip before, so you can deselect it.
INFORMATION AND CONSENT
During the seminar audience waited patiently for instructions on how website publishers should move on. The change in law is in principle on two things:
1) Consent. That it is given voluntarily (and is possible to revoke). That it is specific (concrete to a use and purpose). That it is informed (which means that the information is at a level that allows them to make a choice).
2) Adequate information about the publisher's data storage on the user's computer (or other device)
From IT and Telecom Agency is set for an industry self-regulation, focusing on four areas. These are:
Transparency - And here is Denmark possibly a little tougher on the information obligation.
Consent - above
User-friendly solutions - it is not popups.
Effective enforcement - remedies and penalties
JOINT EFFORTS IN THE INDUSTRY
FDIM has subsequently been put forward their three areas where the trade association to assume responsibility on behalf of its members
There comes a Danish version of http://www.youronlinechoices.com/
Preparation of the icon, so website publishers to manage its users to the above site
Draft privacy policies, which publishers can be inspired by.
FUTURE
Kresten Bay laid out sharply and said that this lovstramning simply be seen as a first step and urged publishers to think about privacy and privacy legislation into everything they do. Thomas Myrup from Microsoft came up and pointed out that waited several things in connection with Directive 95/46, which deals with the processing of personal data.
Even though the crowd really reminded Flash cookies and other tracking methods, you should not expect that kind would pass legislation.
Looking ahead, we must therefore not expect pop-ups where the user must approve every cookie that is placed on his computer. It's an important point that industry self-regulation should lead to reasonable solutions, taking into account the user's privacy and online business models.
