Tag Archives: cookies

Spanish DPA fines Facebook €1.2 million for data protection infringements

The Spanish Data Protection Authority (AEPD) has imposed a fine of €1.2 million against Facebook following its investigation into whether Facebook’s data processing activities were in accordance with the Spanish Data Protection Act (Law 15/1999) (the Act). In its decision, the AEPD concluded that Facebook had committed serious breaches of the Act, as discussed further … Continue Reading

Updated Draft of ePrivacy Regulation: Still Hampering Innovation

On 8 September 2017, the European Council published its first revisions (“Revised Draft”) to the draft EU ePrivacy Regulation (version COM(2017) 10 of 10 January 2017, “ePrivacy Regulation”). The Revised Draft is based on the discussions held in previous meetings of the European Union’s Working Party for Telecommunications and Information Society (“WP TELE”), and on comments … Continue Reading

EU Commission publishes its proposals for new e-Privacy Regulation

On 10 January, the EU Commission proposed a new Regulation on Privacy and Electronic Communications (“proposed Regulation”) to replace Directive 2002/58 (known as the “ePrivacy Directive”). The proposed Regulation The proposed Regulation aims to align the rules that apply to electronic communications services with the forthcoming General Data Protection Regulation (GDPR).… Continue Reading

Third Circuit Slams Google’s Allegedly ‘Deceitful’ Cookie Practices

Exploiting loopholes in Internet users’ cookie-blocking settings while claiming to protect them from cookies is a serious and deceitful invasion of privacy, the Third Circuit held November 10. Ruling on an appeal from consumer plaintiffs, whose multi-district litigation against Google and several other companies that run Internet advertising businesses was dismissed in Delaware District Court, … Continue Reading

Chinese Appeal Court Provides Ruling for Lawful Use of Cookies

In May, the Intermediate People’s Court of Nanjing City, Jiangsu Province, published its civil judgment ruling that the search engine Baidu’s use of cookies, used to personalise advertisements aimed at consumers when they enter onto certain third-party websites, does not infringe an individual’s right to privacy. The case involved Internet user Ms. Zhu Ye, who … Continue Reading

Article 29 Working Party issues its Cookie Sweep Combined Analysis – Report

On 3 February, the Article 29 Data Protection Working Party published its ‘Cookie Sweep Combined Analysis – Report’. The sweep was undertaken by the WP29 in partnership with eight of the European data protection regulators, including the UK’s ICO, France’s CNIL and Spain’s AEPD, in order to assess the current steps taken by website operators … Continue Reading

EU Art. 29 Confirms Cookie Rules Apply to Digital Fingerprinting

The Article 29 Data Protection Working Party (Working Party) released Opinion 9/2014 on ePrivacy Directive 2002/58/EC (amended in 2009), stating that the consent and transparency mechanisms apply to digital fingerprinting of devices (Opinion). The Working Party issued the opinion to clarify that consent was required and to end “surreptitious tracking” of users in light of … Continue Reading

Italian Data Protection Authority issues new EU guidelines

This post was also written by Matthew N. Peters. In early May the Italian data protection authority (“Garante”) issued “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies” (“Guidelines”).  These are intended to provide clarity on the application of Legislative Decree No. 69/2012 (the “2012 Act”), which implemented the EU Cookie Directive in Italy. The … Continue Reading

First European Cookie Fine Issued By Spanish Data Protection Authority

The Spanish data protection authority, the AEPD, has issued the first European cookie fine for the violation of Article 22.2 of Spain’s Information Society Services and Electronic Communications Law 34/2002 (Spanish E-Commerce Act), as amended by Royal Decree Law 13/2012 which implements the e-Privacy Directive (Directive 2002/58). On 29 April 2013, the AEPD issued guidelines … Continue Reading

IAB Future of the Cookie Working Group Publishes White Paper on Privacy and Tracking In a Post-Cookie World

The ‘Future of the Cookie Working Group’, established by the International Advertising Bureau (IAB) in 2012, has published a white paper titled ‘Privacy and Tracking in a Post-Cookie World’, which addresses the limitations of the traditional cookie. The Future of the Cookie Working Group takes issue with the fact that the cookie often forms the … Continue Reading

ICO January Updates for 2014

The ICO has had a busy January with some key updates to note for the start of 2014. The ICO has produced a series of quarterly reports: Spam text messages The main three topics for the subject of unsolicited marketing text messages were found to be debt management, payday loans and payment protection insurance. Enforcement … Continue Reading

Google refuses to submit itself to the scrutiny of English courts

This post was written by Cynthia O’Donoghue. An action against the California-based Internet giant, Google, was recently brought in the English courts. The individuals, supported by the campaign group known as Safari Users Against Google’s Secret Tracking, claim that the search engine provider bypassed the security settings on their Apple iPhones and Mac computers in … Continue Reading

Pushing the Limits with Analytics

With more and more companies engaging in the field of analytics, companies continue to come up with new and innovative ways to harvest their fields of Big Data. For instance, on Tuesday, the New York Times reported on how a range of start-ups and established tech companies are focusing their analytics efforts on a technology … Continue Reading

Singapore’s data protection authority clarifies data protection approach

This post was written by Cynthia O’Donoghue. In 2012, Singapore enacted the new Personal Data Protection Act 2012 (No. 26 of 2012) (PDPA). Before the main provisions come into force, which is planned for July 2014, Singapore’s Personal Data Protection Commission (PDPC) issued public consultations, or requests for comment, on a proposed regulation and two … Continue Reading

UK Office of Fair Trading warns online businesses about fair data usage

Office of Fair Trading (OFT) research into how online businesses use consumers’ information to influence prices has raised concerns over how UK companies collect and use consumer data. The report on Personalised Pricing found that many consumers are concerned with the extent of personal information collected and used online. OFT points out that websites failed … Continue Reading

Spanish data protection watchdog publishes one new guidance on cookies and two on cloud computing

The Spanish data protection authority, Agencia Española de Protección de Datos (AEPD), has issued three new guidance documents dealing with (1) the use of cookies, (2) cloud computing from a customer perspective and (3) cloud computing from a service provider perspective. The guides provide useful information on how to use modern IT solutions in conjunction … Continue Reading

The UK Information Commissioner’s Office publishes report on new cookie rules compliance activity

The UK Information Commissioner’s Office (ICO) has published a report detailing compliance and consumer concerns about use of cookies, following the changes under Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (PECR), which require consent, more transparent notice and opt-out. In response to more than 550 consumer complaints about implied consent mechanisms and the … Continue Reading

European Commission shows concern over the slow development of the Do-Not-Track standard

This post was written by Cynthia O’Donoghue. Neelie Kroes, Vice President of the European Commission, has signalled her concern over the progress of the adoption of the Do-Not-Track (DNT) standard, which is being developed by the World Wide Web Consortium (W3C) as a universal mechanism to communicate relevant consent or lack of consent to the … Continue Reading

The Article 29 Working Party issues Opinion on the cookies

During its meeting in early June, the Article 29 Working Party (the “Working Party”) issued an Opinion on cookies that analyses the exemptions to the requirement for informed consent, and sets how the revised e-Privacy Directive impacts cookie usage. Article 5.3 of the amended ePrivacy Directive 2009/136/EC provides that cookies are exempt from the need … Continue Reading

The UK Information Commissioner’s Office Has Received Numerous Complaints about Websites not adhering to the ‘Cookie’ law

The UK Information Commissioner’s Office (ICO) has received 169 complaints thus far about websites failing to comply with the cookie law that came into force May 26, V3.co.uk reports. UK Information Commissioner Christopher Graham stated that his office has received 169 complaints thus far about websites whose policies appear not to comply with the new … Continue Reading

CNIL vs. Google, Act III: CNIL sends Google a 6-page additional Questionnaire on Google’s New Privacy Policy since it is still “impossible to know Google’s processings of personal data”

We have previously reported that the French Data Protection Authority (DPA), the CNIL, had sent to Google 19 March 2012, a 12-page questionnaire divided in not less than 69 main questions on Google’s new privacy policy. The CNIL has been designated by the Working Party 29 to evaluate the compliance to applicable data protection regulation … Continue Reading

Cookies – The Heat Is On: Grace period to comply with new cookies law to expire soon!

This post was also written by Sakil Suleman and Cynthia O’Donoghue. It is almost a year since the new European rules on website cookies hit the UK. The new rules are significant and impact upon practically all businesses with a website, not just those that operate an e-commerce site. See earlier blog posting. Largely for … Continue Reading

More Flexibility on Cookies: the French CNIL Softens Its Views on User Consent

The French CNIL has released an amended version of its guidance regarding the implementation of the “Telecoms Package” concerning the use of cookies. As set forth by the 24 August 2011 Ordinance, user consent is in principle required prior to the placement of cookies on an individual’s computer. Until the revision of its guidance, the … Continue Reading

The ICC publishes its ‘UK Cookie Guide’ on 2 April 2012 to provide guidance to website operators and website users alike.

On 2 April, 2012, after almost a year of preparation, the International Chamber of Commerce UK (“ICC”) launched its UK Cookie Guide designed to help website operators and website users comply with new EU rules on the use of cookies. The ICC hopes that if the Guide becomes widely adopted by website operators, then users will … Continue Reading
LexBlog