Privacy - is the law a bad guide?
Jinfo Blog
10th August 2011
Item
Business abhors uncertainty like nature abhors a vacuum, and there’s uncertainty a-plenty surrounding the looming compliance issue of cookies. So with half of organisations likely to have revised their privacy policies by the end of 2012, the arrival of a new information law service may be pretty timely.
LiveWire warned some months ago that there would be continuing uncertainty surrounding new cookie rules. So indeed it is proving – with the European Commission now moving on to consider Do Not Track regulation as well, even though most member states have yet to implement the initial overarching cookie legislation.
Voicing her interest in Do Not Track matters a couple of months back, European Commissioner Neelie Kroes made clear that self-regulation was part of the mix. But a recent Stanford University study suggests that voluntary Do Not Track regulation under the American Network Advertising Initiative is more honoured in the breach than in the observance.
The NAI takes issue with this, saying there has to be a distinction between operational and behavioural tracking. Maybe – but it doesn’t augur well for self-regulation generally.
Worse, there’s even disagreement within EU circles over the potential effectiveness of existing law. In a speech at the Edinburgh University School of Law recently, European Data Protection Supervisor Peter Hustinx observed that the Do Not Track initiative seemed to fall short of the Commission’s e-Privacy Directive requirements – suggesting that this raised doubts as to the Commission’s position on the subject and warning that it should avoid any ambiguity (see also a handy gloss on the speech in Pinsent Masons’ Out-Law newsletter).
Britain is one of the few member states to have implemented the cookie rules on time – but it now seems to have fallen foul of the Article 29 Working Party, which represents data protection authorities across the EU. In a formal Opinion on the definition of “consent” to the use of cookies, it makes clear that this has to be prior consent – flatly contradicting the view of the UK’s Culture Secretary Ed Vaizey (previously reported by LiveWire) that web owners didn’t need to ask first.
With all this uncertainty, it’s hardly surprising to find Gartner predicting that half of organisations will have revised their privacy policies by the end of 2012. But it adds that “legal requirements are a bad guideline as they trail technical innovation and cultural change by several years”.
So what on earth to do? Perhaps a new service from Justis has arrived just in time. Developed with the leading law chambers 11KBW, its new online and printed Information Law Reports series should at least help beleaguered privacy officers keep up with the past.
Keeping up with the future, though, may be an entirely different matter.
- Blog post title: Privacy - is the law a bad guide?
- Link to this page
- View printable version
Register for our next Community session:
Critical thinking skills for GenAI
15th July 2025
Latest on our YouTube channel:
Read on the Blog:
July 2025 update
1st July 2025
- What we learned from reviewing AI tools for news
10th July 2025 - July 2025 update
1st July 2025 - Will you be replaced by a button? Five takeaways from the KiMRA conference
1st July 2025
- Due diligence and integrity research – expanding the role of information managers (Community) 22nd October 2025
- Contract negotiation role-play (Community) 23rd September 2025
- Critical thinking skills for GenAI (Community) 15th July 2025