Blackbaud Europe: EU legislation changes around cookies
I’ve had a lot of enquiries about the new changes to how websites can store cookies, which the European Union has announced and will be putting into place on the 26th of this month. I wanted to put something up here so that we can help allay fears of Blackbaud Europe customers around use of our Blackbaud NetCommunity product especially.
- Content Comparison
- Suggested Content
- User Login
- Payment part (1 and 2)
- User Networking Manager
- Language Selector
Now the easiest thing to do is obviously not to use any of these parts, but that kind of defeats the purpose of buying the product, doesn’t it? So anyway, what you need to know is…
The information Commissioner, Christopher Graham, has this to say on the subject:
“The implementation of this new legislation is challenging and involves significant technological considerations. That’s why we’ve already consulted a wide range of stakeholders. But we want to spread the net as wide as we can and would welcome further comments from others who have practical examples to share. This advice is very much a work in progress and doesn’t yet provide all of the answers.”
Although we are only a few weeks away from this coming into effect, it seems like we’re not to panic. The Culture Minister, Ed Vaizey, also had the following to say on the subject:
So we’re not quite there with all options. First thing to consider is the fact that if a client signs up to your site (creates a user name) and has agreed to all of your terms and conditions, then this could be one of them. It needs to be an opt-in for this as the advice states that you cannot add it to the terms and assume that people have read them. So anything behind the login is fine and compliant under the regulations. So we’re just really talking about those who have not received a user name for your site and anonymous users.
Now if someone has a modern browser such as Firefox 4 which allows the user to choose which type of cookies they can use, then this will be deemed as express consent. But what if someone is using an older browser? What you have to realise at this point is that your organisation has an obligation to ask for permission from the end users.
So how does this directly affect our Blackbaud NetCommunity product? Well it’s worthwhile looking at the ways we store cookies and how they work/what they store:
1. Content Comparison – This area does not store any personal information and is purely used to decide which content is better received. The cookie is there purely to make sure that the user has the same experience each time, so it could be argued that this falls under the exception – for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
2. Suggested Content - Similar to content comparison; no personal details stored–just a way to make the experience better. What this cookie does do though is it remembers those who have been on the site from your machine and tries to tailor the content (so nothing about the use, just the info on what they have visited). If the user chooses to log in at this point, then it once again is no longer valid.
3. User Login – Only stores info when asked, so fits within the rules.
4. Payment part (1 and 2) -Info here is stored purely on a transactional basis and is covered under the exception that states that there is no need to do this if the info stored is ‘strictly necessary’ for a service requested by the user, such as a donation.
5. Poll - This cookie records whether someone has taken a poll so that they can’t skew results. No personal data again, and if the poll is behind the login we’re still fine.
6. Survey - Same as polls
7. User Networking Manager – Need to be logged in to use this area and thus behind the T&C’s
8. Language Selector – This is another area which could easily come under the ‘for the sole purpose of carrying out the transmission of a communication over an electronic communications network’. The purpose of this area is to remember which language the person used previously and not make them have to do it again.
I hope this helps to allay the fears people may have around this area and makes it a little clearer for you. I’m sure this is going to change as the government works more on this, but I believe this is where we are today.
Feel free to comment on this below and also – I suspect that no one will need to go to the extremes shown here by Dave Naylor.