Monday, March 7, 2011

Net set to make cookies crumble

How websites track visitors and tailor ads to their behaviour is about to undergo a big shake-up.

From 25 May, European laws dictate that "explicit consent" must be gathered from web users who are being tracked via text files called "cookies".

These files are widely used to help users navigate faster around sites they visit regularly.

Businesses are being urged to sort out how they get consent so they can keep on using cookies.

Track changes

The changes are demanded by the European e-Privacy directive which comes into force in the UK in late May.

The section of the directive dealing with cookies was drawn up in an attempt to protect privacy and, in particular, limit how much use could be made of behavioural advertising.

This form of marketing involves people being tracked across websites, with their behaviour used to create a profile that dictates the type of adverts they see.

As part of its work to comply with the directive, the IAB - an industry body that represents web ad firms - created a site that explains how behavioural advertising works and lets people opt out of it.

The directive demands that users be fully informed about the information being stored in cookies and told why they see particular adverts.

"Start Quote

It's going to happen and it's the law."

End Quote Christopher Graham Information Commissioner

Specifically excluded by the directive are cookies that log what people have put in online shopping baskets.

However, the directive is likely to have an impact on the more general use of cookies that remember login details and enable people to speed up their use of sites they visit regularly.

It could mean that after 25 May, users see many more pop-up windows and dialogue boxes asking them to let sites gather data.

Data delay

The exact steps that businesses have to go through to comply with the law and gain consent from customers and users are being drawn up by the Department for Culture, Media and Sport (DCMS).

A spokesman for the DCMS said that work on the regulations was "ongoing" but would not be complete by 25 May.

In a statement, Ed Vaizey, minister for Culture, Communications and the Creative Industries, said he recognised that the delay would "cause uncertainty for businesses and consumers".

"Therefore we do not expect the Information Commissioner's Office (ICO) to take enforcement action in the short term against businesses and organisations as they work out how to address their use of cookies," he added.

Information Commissioner Christopher Graham said: "I cannot bark at the industry at the moment because I have not got the regulations."

However, Mr Graham stressed that the government's confession that the regulations will be delayed should not be a spur to inaction.

"My message is that this is not your 'get out of jail free' card," he said.

The response to complaints about firms that flout the directive will be viewed in light of what they have done to prepare for it, continued Mr Graham.

Businesses should be considering how they will communicate with customers to get consent and look at the technical steps that might make that process easier, he explained.

Early work by the ICO suggests that gathering consent by changing settings on browsers may not be sophisticated enough for the demands of the directive.

"They have to think seriously about this," said Mr Graham. "It's going to happen and it's the law."



Powered By WizardRSS.com | Full Text RSS Feeds | Amazon WordPress PluginHud 1 Settlement Statement

Facebook adds suicide help system

Facebook is launching a system that allows users to report friends who they think may be contemplating suicide.

The feature is being run in conjunction with the Samaritans, which said several people had used it during a test phase.

Anyone worried about a friend can fill out a form, detailing their concerns, which is passed to the site's moderators.

It follows reports of several cases where Facebook users announced their intention to commit suicide online.

The reporting page asks for the address (URL) of the Facebook page where the messages are posted, the full name of the user and details of any networks they are members of.

Suicide-related alerts will be escalated to the highest level, for attention by Facebook's user operations team.

Police alert

"When a report is made, they then assess whether they need to call the police immediately or forward it on to us," said the Samaritans' Nicola Peckett.

Facebook said that it had always been its policy to notify police if a user was at risk of imminent bodily harm.

The system had been operating in a trial mode, without publicity for three months, during which it received several genuine reports and no hoaxes, according to the Samaritans.

It is hoped that the new reporting mechanism will help prevent cases like that of Simone Back, who died on Christmas day after taking a drug overdose.

The charity worker from Brighton had written about her intention to kill herself on her Facebook page.

Several of her friends commented on the message, however no-one raised the alarm.

The Samaritans said that the new system was not launched in relation to one specific case, but to raise awareness of the ways in which people could get help.



Powered By WizardRSS.com | Full Text RSS Feeds | Amazon WordPress PluginHud 1 Settlement Statement

Sony gets PS3 hack case details

Sony has been given permission to obtain details of people who downloaded files needed to hack the PlayStation 3.

A judge in San Francisco granted the electronics giant a subpoena that would allow it to see a list of IP addresses.

The software, used to crack the PS3's operating system, was posted on the website of George Hotz, who is also known as Geohot.

Sony is suing Mr Hotz, claiming his hacks breach copyright laws, and could allow users to play pirated games.

Court documents, obtained by Wired magazine, show that the company successfully petitioned to obtain IP addresses from the web-hosting company Bluehost.

The details could be used to trace the real-world geographical locations of users who accessed George Hotz's website, Geohot.com.

However, it may not be Sony's intention to take legal action against those found to have downloaded the software crack.

Illicit conduct

Sources with knowledge of the case said there was unlikely to be the appetite for a prolonged and expensive series of legal challenges.

Rather, the subpoena document suggests that Sony wants to discover the number and location of the downloaders in order to establish jurisdiction in its case against Mr Hotz.

"SCEA [Sony Computer Entertainment America] needs to determine how rampant the access to and use of these circumvention devices has been in California in order to rebut Mr Hotz's suggestion that his illicit conduct was not aimed at the forum state," the document reads.

The subpoena also grants Sony the right to access information relating to the case from Twitter, Google Blogspot and YouTube.

Restraining order

The company had previously been granted a restraining order against Mr Hotz, banning him from revealing techniques to manipulate the PlayStation 3's operating system.

The 21-year-old, along with a number of other individuals, is charged with violating several copyright-related laws, including the Digital Millennium Copyright Act

He is also accused of offences under the United States' Computer Fraud and Abuse Act.

Mr Hotz denies that he set out to help software pirates, claiming instead that he was championing the 'home brew' community - users who write their own software for the PS3.

Sony has said it is now able to remotely identify users who are running hacked PlayStation 3 consoles and that it will ban persistent offenders from using its online services.



Powered By WizardRSS.com | Full Text RSS Feeds | Amazon WordPress PluginHud 1 Settlement Statement

Cyber attack targeted Paris G20

The French finance ministry has confirmed it came under a cyber attack in December that targeted files on the G20 summit held in Paris in February.

Budget Minister Francois Baron said an investigation had been launched, adding: "We have leads".

It follows a report in Paris Match magazine that claimed a sustained cyber attack sought documents related to the G20 and international economic affairs.

More than 150 computers at the ministry were affected.

'Determined professionals'

"We noted that a certain amount of the information was redirected to Chinese sites," an anonymous official was quoted by the French magazine. "But that [in itself] does not say very much."

An official complaint has been filed with French courts, and the matter has been taken up by the secret service.

"The actors were determined professionals and organised," Patrick Pailloux, director general of the French National Agency for IT Security told Paris Match.

"It is the first attack of this size and scale against the French state."

The summit agreed a list of targets for reducing imbalances in the global economy in order to head off future financial crises.

The topic was particularly contentious for the Chinese, who resisted calls to target exchange rate valuations, currency reserves and economic surpluses.

The US and other countries accuse China of buying up trillions of dollars in foreign reserves in order to hold down the value of the yuan and gain an unfair competitive advantage in trade.



Powered By WizardRSS.com | Full Text RSS Feeds | Amazon WordPress PluginHud 1 Settlement Statement