Feeds

EU agency calls for clear consent on indelible and zombie cookies

Don't just go shoving them down people's throats

Internet Security Threat Report 2014

New, more persistent cookies pose an increasing risk to the privacy of consumers online, according to an EU security agency report released on Friday.

The advertising industry is pushing the adoption of new, more "persistent and powerful cookies" which profile users, often without users' awareness about what's happening.

Surfers should only be offered these cookies under a system of informed consent, according to ENISA (the European Network and Information Security Agency), which is calling on the industry to explain what it is doing and make it easier to delete unwanted advertising cookies.

Cookies were initially used to manage browser-server interaction but this role has been expanded over time to include advertising management, profiling and tracking. Most of the developments were driven by the advertising industry.

The new cookies support persistent user-identification. How this technology is being applied is less than clear, especially to users, so it is therefore hard to quantify privacy and security implications that arise from their use.

ENISA wants the industry to move towards informed consent so that, for example, the utility and the data stored in cookies is clear to users.

Surfers should be given the ability to either manage or remove cookies as they see fit, it says. The EU security agency also wants cookies to be stored within browser control, a reference to Flash-type so-called zombie cookies that stay on a system even if a user clears their browser history and cache.

Finally, surfers should be given secondary mechanisms to access web services if they choose not to accept cookies from a website, it says.

Professor Udo Helmbrecht, executive director of ENISA, said: ”Much work is needed to make these next-generation cookies as transparent and user-controlled as regular HTTP cookies, so as to safeguard the privacy and security aspects of consumers and business alike.”

The EU has put forward a directive that partly covers the use of cookies (Directive 2009/136/EC) and set a timetable for this to be incorporated into the national law of member states by 25 May. The rules emphasise the need for clear consent from a user, underpinned by clear up-front explanations, before cookies are installed on a user's machine. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
Sway: Microsoft's new Office app doesn't have an Undo function
Content aggregation, meet the workplace ... oh
Do Moan! MONSTER 6-day EMAIL OUTAGE hits Domain Monster
Customers freaked out by frightful service
Sign off my IT project or I’ll PHONE your MUM
Honestly, it’s a piece of piss
Return of the Jedi – Apache reclaims web server crown
.london, .hamburg and .公司 - that's .com in Chinese - storm the web server charts
NetWare sales revive in China thanks to that man Snowden
If it ain't Microsoft, it's in fashion behind the Great Firewall
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.