My mother's family are all from Aberdeenshire where I spent the best part of my childhood. We would relocate our company to Scotland in a heartbeat if it stays in the EU. So, I was not happy when a "digital law specialist" from Glasgow, Heather Burns, published my personal data ...

A proposal for restricting user indentifiers to site-specific contexts. The DNT Tracking Preference Expression document ( TPE ) allows for the registration and communication of site-specific consent, but there is no verifiable or transparent way to implement this using HTTP cookies. Although servers can stop using UID cookies when the ...

The European Commission’s recent proposal for the new ePrivacy Regulation (EPR), like the ePrivacy Directive which it will replace, creates rules on how websites or service providers should process communication data and access to storage in users’ equipment. It requires that users’ “freely given, informed, specific & unambiguous” consent must ...

Recent reports reveal that the UK’s GCHQ has hacked into computers belonging to Dutch multinational Gemalto, to gain access to encryption keys used for mobile telecommunications. They did this by targeting particular Gemalto staff that had access to files containing the keys, and scouring their interoffice emails. The keys were ...

Another method allowing targeted advertisers to avoid Safari third-party cookie blocking has been found on a UK website, implemented by a French AdTech company. I have pointed out before that an early decision by the Tracking Protection Working Group (TPWG) was that servers could take different action on receipt of ...

Yesterday’s announcement from the CPB, the Dutch DPA, that they were giving Google till the end of February to comply with the Data Protection Act is another sign that European laws on online privacy are now being enforced. European online privacy and data protection law has a long history, developed ...

A number of posts have reported on the death of the cookie, like this one in VentureBeat , but, as Mark Twain famously said, "the reports of my death have been greatly exaggerated". SSO (and any log-on) uses cookies. They are usually first-party, but they are still HTTP cookies and ...

On tracking some of the trackers some of the time. Ghostery claims to show you “the invisible web” and block activity that could track your activity, but omits to report tracking by Google. The code is not open source but it is possible to see how it basically operates, which ...

The e-privacy directive was designed is to give people control over tracking, i.e. you have to be asked for permission before collecting data about your web history. Of course, the technique most often used for tracking is persistent UID cookies, but the language in Article 5 of the Directive is ...

The AddThis script is no longer using canvas fingerprinting on any of the sites we have looked at. In July we found many sites that were using this technique, including the White House and the UK Labour Party . Click on one of the links above to see a live ...