ICO Cookie Legislation

I have done some reading into this topic including the ICO implementation recommendations and, on the face of it Google Analytics is of particular concern.

To take one of our corporate web sites as an example the Google analytics cookies do not relate to the function of the site so would be therefore be under scrutiny because they are not “‘strictly necessary’ for a service requested by the user”.

In reality however, there is some way to go before the industry catches up with the legislation. For instance web browsers would need provide integrated user friendly functionality to easily allow a user to define which cookie to reject and which to accept.

Therefore, some feel that there is effectively a bedding in or grace period while site owners and technology catches up with the implications of the legislation.

There is a good summarising piece here:
written by Brian Kelly from UKOLN, and he must be right because he has a beard.

The issue will also be discussed by Jason Miles-Campbell from JISC Legal at the Institutional Web Management Workshop 2011 at the end of July.


In the short term I can’t see a coherent message to put out to IOE web site owners without causing a fuss with no means of advising or resourcing a course of action.

What I have found though is some interesting references to Social networking and data protection including this one in a recent best practice white paper called ” Consent Management: Good Practice Recommendations” on the JISC Legal site:

“Where institutions are using social network services as data processors then the institution is obliged to ensure that this processing is data protection compliant. [section 3.9] “

I feel it might be inflammatory to highlight this particular issue without constructive recommendations.

For the time being I am going to keep a tabs on the way the situation develops in terms of UK HE response, JISC legal recommendations and any technological developments to accommodate the legislation.

About flammpunkt

Web Analyst, Mountain Biker
This entry was posted in Web, Work. Bookmark the permalink.

2 Responses to ICO Cookie Legislation

  1. Thanks to the link to my blog post.

    Note that the minister has said that he wants a ‘business-friendly solution’ to the problem. Universities, of course, aren’t alone in making use of Google Analytics. There is lobbying going on to ensure that such services can still be used. We may see a more considered and achievable solution being implemented.

    You should also remember that legal advice is always liable to err on the side of caution – I can recall the advice that the legal status of deep-linking is uncertain and you should seek permission before linking to a page! I think you should bear in mind the need to take a risk assessment approach.

  2. flammpunkt says:

    Brian, Thanks for taking the time to comment I really appriciate it.
    I will take the risk assesment up with the appropraite parties in our institution.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s