e-Privacy

Make sure your website is compliant with new laws

 

e-Privacy Directive Compliance

All UK websites are obliged to offer visitors a mechanism for giving informed consent to the installation of cookies in their browsers before installing them. Opt-out clauses in website privacy policies will no longer be adequate.

A cookie is a small file downloaded to a users device when a that user accesses a website. Cookies allow a website to recognise a user’s machine throughout their visit and track their activities.

Contained in the revised PECR (Privacy and Electronic Communications Regulations) which implements the EU e-Privacy Directive.

The PECR is enforced by the Information Commissioner’s Office (ICO), whose power to levy fines of up to £500k for non-compliance has been extended to cover the PECR regulations.

All websites install cookies. Cookies are used to track user's visits to your website, to track purchases from webpages to shopping carts etc.. And by third parties such as Google for analytics and advertising. If your business operates a website, it will be installing cookies on your customers/user's machines. You will therefore need to show evidence of compliance with the new Cookie regulations.

 

How can we help you become cookie compliant

The main way is to perform a ‘Cookie Audit’. This audit will identify

  • all of the cookies your site installs on your user's machine's
  • who owns those cookies, and what the purpose of each cookie is
  • whether or not they are all ‘strictly necessary’ for the service requested by the user
  • how intrusive the website cookies are
  • what steps you should take to either remove the cookie or obtain the user’s informed consent.

Completion of a cookie audit is the first practical step to determining a strategy for compliance and is also evidence that the organisation is taking appropriate steps to meet its compliance obligations.

 

How Minatio can help you become cookie compliant

Minatio's professional security experts use a combination of automated and manual website analysis to reliably identify:
  • All the cookies your site installs
  • How long they are set to survive
  • Whether they are first or third party cookies, and what they are really for
  • Whether or not any of them fall within the definition of a cookie that is ‘strictly necessary’ for the service requested by the website user
  • How intrusive the cookies are
  • How secure the cookies are (unsecure cookies can be used by attackers to intercept information)
  • What steps should be considered, for each cookie, to comply with the requirements of the PECR.

Upon completion of your cookie audit you will receive a full secure audit report. With full and comprehensive remediation advice and guidance.