Emediate 16.11.2010

• Cookies - what’s next?

• Morten Helveg Petersen, FDIM

Yesterdays news...

BBC

WSJ

IAB

EU

CommissionParliament

DPA

WP29

Nat. Gov’ts

Nat. Parliaments

ConsumersInt.

Nat.

Nat. IABs

JusticeBusiness

Science

EU-dir ective 2002/ 58

The wording of the final draft of Article 5(3) provides that:“Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent,having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia, about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or asstrictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service.”

But how to implement?

Opt-out via browser-settings?

Opt-in?

Press ReleaseCommuniqué de presseMitteilung fu ̈r die Presse

Brussels, 24 June 2010

ARTICLE 29 DATA PROTECTION WORKING PARTY

Opt-out is not sufficient

European Data Protection Authorities clarify EU rules on online behavioural advertising

The European Data Protection Authorities (the Article 29 Data Protection Working Party) today published an Opinion clarifying how EU rules apply to online behavioural advertising.(http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2010/wp171_en.pdf)

COCOM Working Document COCOM10-3425.10.2010

Problem: no real guidance

The document does not provide any real support to the national governments on how to implement the law

- misses out on business arguments: it does not frame the debate from a business point, i.e. the potential damage of a wrongful implementation to Europe’s digital uptake;

- misses the role of browser

...lot’s of hard work ahead...

Key Points and Arguments:

Cookies have a bad reputation and it will be important to emphasise the positive aspects of cookies. Cookies are the most user-friendly way of storing information:

- cookies are harmless, they cannot be used for malicious actions (e.g. install malware or viruses);

- they are stored locally on a user PC, not centrally at a company level;

- therefore cookies can be easily deleted by the user;

- they can be easily managed by the user to a high degree through the browser settings (and other settings manager tools for LSOs / „flash cookies‟);

IAB EuropeConsumers driving the digital uptake

September 2010

Study by McKinsey for IAB:

Value of free services: 40€ per household...

Case: IAB UK

www.youronlinechoices.com

To sum up: Challenges for the industry

- demystify

- explain

- take responsibility – self-regulation

Thank You!