Categories
Articles

Privacy, Regulation and Innovation

Robin Wilton of the Internet Society gave a talk at the TERENA Networking Conference on the interaction between privacy, regulation, and innovation. It’s a commonly heard claim that regulation stifles innovation; yet the evidence of premium rate phone fraud and other more or less criminal activities suggests that regulation can, in fact, stimulate innovation, though […]

Categories
Articles

ICC Cookie Guide updates

The International Chamber of Commerce has published a revised version of its Cookie Guide, reflecting the new information that has been produced by the Information Commissioner and Article 29 Working Party since the original version last April. There are relatively few changes to the existing text, in particular the four ICC categories of cookie remain […]

Categories
Articles

Art.29WP on Cookies – specific and pragmatic advice

The e-Privacy Directive’s provisions on cookies exempt two classes of cookies from the requirement to gain consent (though if they relate to individual users, websites still need to inform users about them, under data protection law): CRITERION A: the cookie is used “for the sole purpose of carrying out the transmission of a communication over […]

Categories
Articles

New CAP rules on behavioural advertising

The Committee on Advertising Practice (CAP) has announced new rules on online behavioural advertising. UK advertisers will be expected to comply with these rules from 4th February 2013. Unlike the much-discussed cookie law, the CAP rules are technology neutral, concentrating instead on the actions involved in providing on-line adverts that are targeted to individuals’ patterns […]

Categories
Articles

Legal issues in dealing with Botnets

An interesting paper from ENISA and the NATO Cyberdefence Centre illustrates the narrow space that the law allows for incident response, and the importance of ensuring that new laws don’t prevent incident response teams from protecting networks, systems, their users and information against attack. By comparing the details of German and Estonian law, the report […]

Categories
Articles

ENISA on cyber incident reporting

ENISA have  published an interesting report on cyber incident reporting. Their scope is wide – incidents range from the failure of a certificate agency to storms creating widespread power (and therefore connectivity) outages. In each of these areas they find a common pattern, where governments are trying to encourage (or mandate) notification of incidents in […]

Categories
Articles

ICC Cookie Guide

The International Chamber of Commerce has published a Guide to cookies to help businesses comply with the legislation and individuals understand what is being done with their data. Rather than concentrating on the legal issues, the guide aims to develop a common terminology for different types of cookie use, which should help to increase users’ […]

Categories
Articles

Shiny New Legislation

I was recently struck by just how new most of the legislation creating duties for operators of electronic communications network is. Compared to the Computer Misuse Act, which has only had one amendment since 1990, these laws seem to be changing a lot faster: Data Retention (EC Directive) Regulations 2009 – with a significant update […]

Categories
Articles

Cookies: More information, and a demonstration

With a new law on obtaining consent for cookies coming into force today, the Information Commissioner has published details of how the ICO’s own site has been updated to comply. There appear to be three main changes: A lot more information on the privacy statement about the names and purposes of each cookie, and how […]

Categories
Articles

EC Security Breach Notification

The European Commission, Parliament and Council of Ministers have been discussing revisions to the package of Telecoms Directives for a couple of years, but now seem to be approaching a final conclusion. Once the new Directives are published, member states will have a fixed time period – normally 18 months – in which to implement […]