With the impending countdown of the ePrivacy grace period ending on the 26th May 2012, the IAB's Affiliate Marketing Council have today released a framework that helps publishers / affiliates in their steps towards complying with new guidance set out by the Information Commissioner's Office (ICO).
The guidance covers three areas within the document, including suggested action points that aims to help compliance for affiliates / publishers, help in conducting a cookie audit of your website, plus background information to the revised law.
You can download the full document here, however A4u has picked a few of the suggested compliance methods below.
*Please note: This Framework does not constitute legal advice. We recommend that businesses take their own legal advice for their own circumstances
Conducting a Cookie Audit of your website
1) Following the advice of the ICO, Affiliates / Publishers should be establishing a clear assessment of your cookie usage and technologies. These also include 3rd party advertising that you may have on your site (e.g Doubleclick, Mediaplex, Atlas) but importanly you should understand how these work. Speak to networks and agencies you work with to find the relevant information.
2) The ICO advises businesses to make an assessment on how intrusive cookies (or other technology) use is.
Compliance Audit Example Questions
Backing the IAB's Affiliate Marketing Council in their steps to ensure affiliates / publishers are doing all they can to comply with impending regulations, A4u encourages you to conduct an audit of the cookies used on your site, using the following questions to create your audit document:
- Date of audit
- Audit carried out by
- Cookie Name
- Cookie Type – Persistent, Temporary, Flash
- Is it first or third party?
- Cookie Purpose
- Cookie Duration
- What data is held in the cookie?
- Is there any personally identifiable data or is it all anonymous?
- If there is any personally identifiable data state what it is and why it is there?
- Is the cookie used to provide targeted advertising?
- Where is the cookie used? (How would a user be exposed to it?)
- What country users is the cookie aimed at (e.g. UK users)?
- Where is the website's published policy that explains the cookie?
- Is the user provided with an explanation of how to delete the cookie?
- Is the user provided with an explanation of how to prevent the cookie?
- What measures are needed to address compliance issues? Describe how the measure is of benefit to the user (for instance how it provides greater transparency and offers a greater ability for the user to control their privacy).
ICO recommendations to notify about cookie use
One of the key measures of transparency will be how accessible the information is. While a pop-up culture is not intended the ICO has provided guidance regarding where information might be placed.