Feeds

EU regulations to control web cookies

But will e-businesses follow the rules?

  • alert
  • submit to reddit

Top three mobile application threats

European laws due to come into force by the end of October will shake up the way businesses are allowed to use cookies on their Web sites.

The UK government has just finished its consultation period but already questions are being raised over the extent to which companies will comply with the new rules.

Under the privacy-related regulations companies will be obliged to tell surfers about the use of cookies and how they can delete or control them.

Shelagh Gaskill, a partner with international law firm Masons, explains: "The new law requires that a Web site operator clearly indicates to visitors that the site uses cookies or other tracking technologies and gives users the opportunity to reject them."

Cookies are small text files used by most commercial web sites. The files are sent from a web server to a web site user's computer and are stored on the user's hard drive, so that when the user visits the site again, the site will remember the user.

The DTI recently completed a public consultation on its draft Privacy and Electronic Communications (EC Directive) Regulations 2003. The Regulations, which are chiefly about spam but also cover the use of cookies, are to implement a European Directive in the UK before 31 October 2003.

Results of the consultation are expected later this month.

Cyberspace laws - more honoured in the breach

But patchy compliance with existing e-commerce laws, highlighted by a survey published last week, raises serious concerns about whether UK businesses will adhere to forthcoming regulations.

Most UK e-commerce sites do not comply with at least one basic legal requirement, according to a survey by on-line legal documents provider Clickdocs.

The company found that 95 per cent of the sites it looked at fail to provide a 'reasonable' level of customer service, 63 per cent breached distance selling rules and 72 per cent fail data protection requirements.

Clickdocs investigated a random selection of web sites from 20 different market segments, all selling on-line to UK consumers.

A site's ability to offer secure on-line methods of payment is crucial for its potential customers. While 93 per cent of sites surveyed are secure, the remainder are not, raising serious concerns about the possible risk of credit card fraud with those sites.

The researchers state that 63 per cent of sites are failing to comply with the Distance Selling Regulations. In most cases this means customers not being told how long it will take for items to be delivered, not being given details of how to cancel an order or sites charging unreasonable penalties for returns.

It is a mandatory requirement of any business that collects personal data about customers to be compliant with the Data Protection Act. This extends to e-commerce sites. But while 68 per cent of sites claim to be compliant, only 18 per cent are actually registered, say the researchers.

Several sites were found to be simply copying and pasting standard text from other sources. In at least two cases, registration numbers are quoted that do not exist. Consumers who use sites not fulfilling Data Protection requirements are at risk from unauthorised sharing of personal details.

The Data Protection Act also requires that customers be informed of what happens to any data collected. Only 51 per cent of sites were found to have any privacy statement.

And another thing

The Clickdocs research also highlighted that even the simplest identification requirements are lacking: 55 per cent of companies fail provide the name of the limited company or of the proprietor; 16 per cent give nothing but a Web site name; 12 per cent neglect to include a fixed line telephone number and ten per cent omit a dedicated e-mail address or rely on a response form for all communication.

Clickdocs also claims that 41 per cent of sites have "unsatisfactory" terms and conditions.

Jon Aslin, Director of Clickdocs, said: "Web site design and programming has improved enormously in the last few years. Our research highlights just how much effort has gone into ensuring sites look good and are easy to navigate (92 per cent are regarded as satisfactory in their overall appearance and ease of use).

"It is therefore surprising, and indeed disappointing, that the small amount of time and investment that is required to address the basic commercial and legal basics has not been spent to make UK e-commerce sites a positive experience for customers." ®

Related Links

The Government's consultation paper on the new law can be found here (PDF file)
Advice to businesses on dealing with cookies, by Masons

Related Stories

Web Bugs - Here Are the Rules
Privacy: US, full marks, Europe, null points - study
EU preps phase two of war on spam
UK.gov seeks input on anti-spam law
Spammers break law with covert tracking
Undetectable 'son of cookie' system wins grant
Spam out, cookies tolerated, data retention remains: EU

Build a business case: developing custom apps

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Chips are down at Broadcom: Thousands of workers laid off
Cellphone baseband device biz shuttered
Twitch rich as Google flicks $1bn hitch switch, claims snitch
Gameplay streaming biz and search king refuse to deny fresh gobble rumors
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.