Thursday, 25 August 2011
Solid progress on categorising cookies
While most of us have been enjoying our summer holidays, a group of people within the London Chapter of the International Chamber of Commerce have evidently been really hard at work trying to ensure that the new rules on cookies will eventually be capable of being complied with. It sounds like tedious work, but someone has to do it. I’m just so glad that it’s not me.
Anyway, today’s blog posting commemorates the brilliant work of those dedicated folk who are working behind the scenes to classify cookies into different types, depending on their function. Their aim is (eventually) to reach some common agreement on the sort of cookies that responsible data controllers ought to be able to use as a matter of course, and those which might need to be explained to the user in order that some form of permission can be obtained to legitimise their use.
It sounds like awful job,reaching a consensus on the creation of a common language that everyone can adopt. But I do hope there will be celebrations in the streets when the key players publish their proposals.
What are we likely to see? Well, I would hope that these folk agree first on the sorts of things that cookies actually do, and then they can move to the harder task of forming recommendations about which of these categories could be used by internet publishers as a matter of course, and which are deserving of greater transparency and control by internet users.
If we are really lucky, we will be offered only a few categories – as the fewer categories there are, then the fewer arguments will follow when the bun fight begins as to what categories need special attention. I have my views – but I do like to simplify things – and I appreciate that some of my learned friends prefer more complex solutions.
So what would be the best result?
Hopefully, the key players will agree that there really are just 4 main categories of cookies:
1. Basic cookies, which could not be used to gather information that could be used for marketing or remembering preferences.
2. Performance cookies, which could be used for testing designs and ensuring a consistent look and feel is maintained for the user; providing trend analysis on how users interact with the site.
3. Functionality cookies, which could remember customer selections that change the way the site behaves or looks.
4. Tracking cookies, which could identify that a user has visited a site, and then pass this information on to 3rd parties for advertising purposes.
Obviously, user consent will be required for the 4th category. But is this consent really necessary for any of the other 3 categories? I’m not sure that gaining their consent is necessary. Can any user seriously argue that they will be harmed if an internet publisher used these categories without the express consent of the user? Cummon, lets get real. Internet publishers have rights too - like the right to design and maintain a website that has the sort of functionality normal users would expect to experience.
The next phase of work ought to be about the development of the concept of privacy iconography, so perhaps we could stage a competition, say on International Data Protection Day 2012, for contestants to design a suite of cookie icons that represent each of these 4 categories.
The winner could be invited to a special dinner with members of the ICC’s working party somewhere in London. (The runner up could be invited to two special dinners with members of the ICC’s working party ... )
Anyway, as these dedicated souls continue to toil away within the ICC, they continue to have my admiration and support. I gather that the next meeting of the working party will take place within the next month, and I learn that solid progress is being made. With a fair wind, the concept may even be embraced beyond Europe’s shores, and morph into a global standard.
So, if I were someone who wanted to make their mark by creating a set of global icons that every internet user might understand, I would start sharpening my colouring pencils right now.