cookie law vs gdpr
Page 1 of 1
cookie law vs gdpr
http://www.informationweek.com/big-data/cookie-law-vs-gdpr-whats-the-difference/a/d-id/1328344
In comparison, the present ePrivacy Directive (ePD) is a family of EU legislation that requires websites and apps to disclose their technologies and obtain consent. It’s a narrow set of country specific laws that haven’t been consistently enforced. This is all about to change. The ePrivacy Regulation (ePR), may replace the ePD. While at the beginning of the legislative process, it is ambitiously being pushed to go into effect with the GDPR. If that happens, we’ll have two separate and parallel privacy laws to comply with at the same time. Assuming the final version of the ePR looks like what is presently proposed, it could be more significant than the GDPR. Here’s why.
https://www.theregister.co.uk/2017/03/01/planned_cookie_law_update_expert/
The failings of the existing "cookie law" were noted even by the European Commission, which said that the consent rules for cookies had "failed to reach its objectives" since "end-users face requests to accept tracking cookies without understanding their meaning and, in some cases, are even exposed to cookies being set without their consent". It also admitted that meeting the consent requirements "can be costly for businesses".
Yet some of the problems that the Commission has identified could be exacerbated with its new proposals, and new problems created.
What does the Commission draft say?
The Commission's proposed ePrivacy Regulation would ban the use of processing and storage capabilities of terminal equipment and the collection of information from end-users’ terminal equipment, including about its software and hardware, other than by the end-user concerned, unless a listed exception applied.
However, exceptions allow businesses to deploy cookies etc, in line with those rules, namely if:
necessary to transmit electronic communications over electronic communications networks; the end-user had given consent; necessary to provide an information society service – generally, an online service – requested by the user; or necessary for the provider of a requested information society service to measure web audience – meaning that first party third analytics are permitted, but not third party analytics conducted using another organisation's analytics services.
simply put it effects ujm and the governments system of consent has now to be clear and defined and no longer like ujm is now that you except it by viewing its website
In comparison, the present ePrivacy Directive (ePD) is a family of EU legislation that requires websites and apps to disclose their technologies and obtain consent. It’s a narrow set of country specific laws that haven’t been consistently enforced. This is all about to change. The ePrivacy Regulation (ePR), may replace the ePD. While at the beginning of the legislative process, it is ambitiously being pushed to go into effect with the GDPR. If that happens, we’ll have two separate and parallel privacy laws to comply with at the same time. Assuming the final version of the ePR looks like what is presently proposed, it could be more significant than the GDPR. Here’s why.
https://www.theregister.co.uk/2017/03/01/planned_cookie_law_update_expert/
The failings of the existing "cookie law" were noted even by the European Commission, which said that the consent rules for cookies had "failed to reach its objectives" since "end-users face requests to accept tracking cookies without understanding their meaning and, in some cases, are even exposed to cookies being set without their consent". It also admitted that meeting the consent requirements "can be costly for businesses".
Yet some of the problems that the Commission has identified could be exacerbated with its new proposals, and new problems created.
What does the Commission draft say?
The Commission's proposed ePrivacy Regulation would ban the use of processing and storage capabilities of terminal equipment and the collection of information from end-users’ terminal equipment, including about its software and hardware, other than by the end-user concerned, unless a listed exception applied.
However, exceptions allow businesses to deploy cookies etc, in line with those rules, namely if:
necessary to transmit electronic communications over electronic communications networks; the end-user had given consent; necessary to provide an information society service – generally, an online service – requested by the user; or necessary for the provider of a requested information society service to measure web audience – meaning that first party third analytics are permitted, but not third party analytics conducted using another organisation's analytics services.
simply put it effects ujm and the governments system of consent has now to be clear and defined and no longer like ujm is now that you except it by viewing its website
Re: cookie law vs gdpr
https://www.cookielaw.org/blog/2016/5/13/the-gdpr,-cookie-consent-and-customer-centric-privacy/
https://www.theregister.co.uk/2017/03/16/uks_gdpr_law_will_not_be_judged_adequate_if_it_contains_provisions_that_made_the_dpa_inadequate/
this info does get rather interesting when you dig into it
Comment Since 2005, I have tried to use Freedom of Information legislation to find out what is behind the “ongoing” infraction proceedings, commenced by the European Commission against the UK. This is because the UK’s Data Protection Act (DPA) is, according to the Commission, a defective implementation of Directive 95/46/EC.
So what are these defects? Should data protection practitioners know what they are?
Readers also know the answer to both questions is a resounding “NO” as publishing the requested data protection detail would cause irreparable damage to international relations between the UK and the European Union (re-confirmed in ICO Decision Notice FS50577377 (PDF), dated March 2016)!
https://www.theregister.co.uk/2017/03/16/uks_gdpr_law_will_not_be_judged_adequate_if_it_contains_provisions_that_made_the_dpa_inadequate/
this info does get rather interesting when you dig into it
Comment Since 2005, I have tried to use Freedom of Information legislation to find out what is behind the “ongoing” infraction proceedings, commenced by the European Commission against the UK. This is because the UK’s Data Protection Act (DPA) is, according to the Commission, a defective implementation of Directive 95/46/EC.
So what are these defects? Should data protection practitioners know what they are?
Readers also know the answer to both questions is a resounding “NO” as publishing the requested data protection detail would cause irreparable damage to international relations between the UK and the European Union (re-confirmed in ICO Decision Notice FS50577377 (PDF), dated March 2016)!
Similar topics
» subscriber vs user law ( cookie law )
» gov.uk verify how to apply for it and also cookie and consent info
» HMCTS & GDPR
» GDPR is right to provide individuals with greater control over how their information is used
» jobcenter guidance on GDPR laws
» gov.uk verify how to apply for it and also cookie and consent info
» HMCTS & GDPR
» GDPR is right to provide individuals with greater control over how their information is used
» jobcenter guidance on GDPR laws
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|