Category Archives: Cookies

With the GDPR on the horizon, the EU is now overhauling and expanding the reach of the more specific privacy rules which relate to direct marketing, cookies and other forms of online monitoring. The ability of social media and messaging services to track users is one of many areas touched on in the European Commission's newly proposed ePrivacy Regulation, which was officially unveiled last week. We highlight some key impacts for the tech and media sectors, provided the proposed draft passes through the legislative process without dramatic changes. Businesses should incorporate these new requirements into their GDPR readiness planning. Why are the rules being updated?
  • The regime for electronic communications, based on the EU's Privacy and E-communications Directive (PECD), which dates back to 2002, is being overhauled as part of the Commission's Digital Single Market package.
  • Since the last review of the PECD in 2009, a new … Continue Reading ››
Yesterday, 10 January, the European Commission (EC) presented its formal proposals for the new ePrivacy Regulation. On initial analysis, the first official draft of the Regulation appears broadly similar to last month's leaked version, explored by Datonomy here. Datonomy will be providing a fuller analysis, however in the meantime the EC's Fact Sheet provides a useful starting point. The Commission's aim is to have the new Regulation adopted by 25 May 2018 when the GDPR takes effect. Olswang's Head of Digital and Data, Elle Todd, and Alex Dixie, the firm's Head of Adtech, will be taking a first look at the practical impacts of the new proposals in a webinar at 15:00 UK time on Thursday 19 January. Follow this link to register. In particular the webinar will examine:
Yesterday (13 December) in time-honoured tradition, a draft proposal of the European Commission's (EC) new ePrivacy Regulation was leaked. The official draft of the proposal is not expected to be published by the EC until January 2017, and it is possible some of the detail will change before then. Datonomy will be providing fuller analysis of the real thing in the near future, but an initial look at the leaked draft – which (typos aside) gives a good indication of what to expect - reveals the following:
  1. It's a Regulation rather than a Directive (as predicted by Datonomy here)
As with the GDPR, this is intended to provide additional harmonisation and simplification. However, there are a number of areas where Member States can nuance provisions.
  1. A fining regime similar to GDPR
Offenders can expect turnover based fines. For example, fines of up to 2% of turnover, or up to 10,000,000 … Continue Reading ››
Last week, as part of Olswang's GDPR readiness and Talking Retail webinar series', lawyers from the firm's data protection and retail sector teams hosted a webinar looking at the implications of the GDPR on the use of data by the retail industry during an online transaction.  In this session our speakers looked at the following:
  • Targeted and non-targeted advertising
  • Privacy policies
  • Processing customer payment details
  • Post purchase analysis
  • Data breaches
  • GDPR implementation
The webinar was hosted by Katie Nagy de Nagybaczon, a partner in the Corporate Team, who focuses on the retail, eCommerce and technology sectors. The two speakers were:
  • Sven Schonhofen, an associate in the Commercial Team of the Munich office. He specializes in advising clients in all areas of IT law, in particular on data protection law.
  • Emily Dorotheou, an associate in the Commercial Team who has experience of working on procurement, technology and logistics contracts for a variety of retail and technology clients.
Please follow this … Continue Reading ››
In all the excitement last week over  the European Parliament's approval of the General Data Protection Regulation (GDPR) and the US Privacy Shield, you may have missed that the European Commission published a consultation on Monday  11 April  regarding the ePrivacy Directive. Don't worry though, here is what you need to know: What is the purpose of the consultation? The consultation forms part of the Commission's Digital Single Market (DSM) Strategy and is necessary given that the GDPR, once adopted, will impact the e-Privacy Directive which sets out some additional and specific rules regarding the processing of personal data in the electronic communications sector. Infamously, the e-Privacy Directive contains the almost uniformly derided cookie consent requirement,  so many people are likely to want to input. It also contains rules on breach notification, consents for marketing by electronic means and use of traffic and location data. The Commission … Continue Reading ››
[Originally posted on ADTEKR.] One of the fundamental lynch pins of current behavioural advertising and targeting technology is a small, non-descript text file stored by the browser of users, the humble cookie. What started off as a piece of technology to allow cross-webpage data transfer and persistent storage of local variables has evolved into the basis of the most powerful advertising technologies across the Internet. However, with tightening regulations, consumer mistrust, lack of relevance in the mobile space and lack of cross-device support, is the day of the cookie coming to an end?

Traditional cookie use

Cookies are traditionally used in desktop environments where they are dropped by advertisers or publishers during the course of consumer interaction with websites. Over time, the reading and writing of such cookies across multiple websites allows advertisers to build up a profile of the consumer in question and allocate them to a specific audience segment, … Continue Reading ››
As Datonomy reported (see below), Google has been fined by French and Spanish data protection authorities following almost two years of toing and froing with European data protection regulators over its consolidated privacy policy.  The tiny fines and are unlikely to change Google’s privacy practices. However, Google now has a larger headache to deal with following the judgment of Mr Justice Tugendhat in the English High Court, handed down yesterday (Judith Vidal-Hall and Others v Google Inc in the Queen’s Bench Division, Case number: HQ13X03128).  The claimants, represented by Olswang the lawfirm behind Datonomy, are a group of users of Apple's Safari internet browser.   The Safari users group claim that Google Inc illegally tracked and gathered information about their browsing activities by implementing a workaround to the default Safari browser block on third party cookies.  Under the Civil Procedure Rules (the procedural rules for parties to civil litigation in the English courts), the claimants needed the … Continue Reading ››