In a previous post UK website owners responsibilities regarding new legislation was highlighted with four key actions
1) Understand the websites you are responsible for ?
2) Understand the cookies that are set (find out how)
3) Determine why and when they are set – Good housekeeping is to get rid of superfluous coding.
With the 25th May 2011 deadline fast approaching the requirement to be at least aware of what cookies you ebnable through your web site is growing. To conduct an audit you have various options e.g. contact your IT department and request information or use 3rd party audit tools etc. However fisrt step may be to do a quick sense check i.e. review sites by hand to see how big an issue is it?
All About cookies provides instructions on browser setting for the main browsers and their various versions i.e
1) Internet Explorer
2) Mozilla Firefox
3) Google Chrome
4) Apple Safari
Ranked in popularity based on Gfk NOP Web Browser stats
However this post is aimed at demonstrating what you can do to conduct a quick sense check.
Just to set expectations - Don’t be disappointed when all you get is a string of characters because that is all cookies are – a string of text that doesn’t tell me anything obvious.
However this is the crux as all cookies provide a recognition key - It is not necessarily the cookie but if any & what data is stored. As this subsequently is used to enable functionality on the website or captured on the databases of the companies setting the cookies & this raises the issues relating to privacy and storing PID (personal identifiable data).
As a working example the UK Information Commissioner’s Office website has been used using Internet Explorer (IE9) here (other browsers are available)
Open up the website page you want to review then click > Tools menu > F12 Developers tools
This will open a second screen - The Developer Screen which has a 2nd menu - Click on Cache > View Cookie information.
A new browser window will open detailing the cookies set for the page
Now you have an overview in a position to understand what is set and use this as a basis for understanding why and how this happens. If you don’t understand the purpose and rationale behind the cookies your site is setting can you really comply with the 8 Data protection principles?
Unfortunately you may need you technical team to determine the source of how cookies are set & your legal team to ensure cookies being set by 3rd parties are appropriate - but you have a basis of knowing where to start from.
If you want to find out more regarding other browsers or complete web site audits contact us.