Feeds

EU: Time running out for web companies on 'do not track' system

Steely Neelie: Agree on it by June, or I'll force one on you

Choosing a cloud hosting partner with confidence

Internet companies have been urged to establish a final standardised system that will allow users to control their privacy settings across websites.

Neelie Kroes, EU Commissioner responsible for the Digital Agenda, reiterated her demand that the technology be agreed upon by June in a speech at a meeting of the World Wide Web Consortium (W3C), according to a report by ZDNet.

Last summer Kroes warned internet companies that she would "not hesitate to employ all available means to ensure our citizens' right to privacy" if a standardised system for indicating user consent to their online activity being tracked was not agreed by June 2012.

"Do-not-track today is still an aspiration rather than a reality," Kroes said, according to the ZDNet report. "And that is why I have called for agreement on a do-not-track standard by June of this year. I am happy that work on this is proceeding in the World Wide Web Consortium. But we need to act fast to turn do-not-track into a reality for all web users".

Websites and third parties, such as advertisers, often like to record users' online interaction in order to serve personalised content, such as adverts, based on that recorded information. Websites can use a number of methods to collect user-specific data, including through the use of cookies. Operators sometimes pass on information stored in cookies to advertisers in order that they can serve behavioural adverts based on users' activity and apparent interests.

However, EU privacy rules that came into force last May state that storing and accessing information on users' computers is only lawful "on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information … about the purposes of the processing". Consent must be unambiguous and be explicitly given.

Confusion has reigned over what practical measures can be used to obtain lawful consent to cookie tracking, although the Information Commissioner's Office in the UK has issued guidance on what it considers acceptable methods for achieving consent. The UK Government has also said that it has been working with browser manufacturers to find a system for obtaining user consent to cookies.

In November, W3C announced draft plans outlining how publishers must treat users who demand that their online activity not be tracked. Standards are agreed technical specifications to ensure that a single technology is used across an industry, often with the goal of achieving interoperability of products regardless of the manufacturer. W3C is responsible for making sure components of the world wide web work together.

Under the draft 'do not track' (DNT) plans unveiled by W3C, restrictions could be placed on publishers over their use of data to decide what content or adverts to show to users. Other plans in the draft suggested site operators would not be able to use previously-gathered information about visitors if, on subsequent visits, they are using a browser with DNT settings activated.

Neelie Kroes previously said that the new DNT standard must allow users to tell websites not to track their online behaviour and know exactly what the companies mean when they are told their activity is not recorded. In her speech on Tuesday she reiterated that requirement.

"When providers receive do-not-track signals from their users, how they need to respond may be different depending on whether the user is in Europe, the US or wherever," Kroes said, according to the ZDNet report. "So the system will need to adapt flexibly, depending on the jurisdiction in question".

Kroes' support for the US-driven DNT system was called into question by the EU's dedicated privacy watchdog last year. Peter Hustinx, the European Data Protection Supervisor, said Kroes was giving out inconsistent advice to website owners on how they should obtain users' consent to cookies. He said that the DNT system "although valuable" seemed to "fall short of the" of the requirements for obtaining lawful consent set out in the EU's Privacy and Electronic Communications Directive.

Copyright © 2012, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Bono apologises for iTunes album dump
Megalomania, generosity and FEAR of irrelevance drove group to Apple deal
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
America's super-secret X-37B plane returns to Earth after nearly TWO YEARS aloft
674 days in space for US Air Force's mystery orbital vehicle
10 Top Tips For PRs Considering Whether To Phone The Register
You'll Read These And LOL Even Though They're Serious
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.