Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

EU cyber security agency warns of risks associated with new types of cookies

The EU’s cyber security agency ENISA has published a position paper on the security and privacy concerns regarding new types of online cookies. The advertising industry has led the drive for new, persistent and powerful cookies, with privacy-invasive features for marketing practices and profiling.

The Agency recommends that both the user browser and the origin server must assist informed consent; that users should be able to easily manage their cookies; and that users should be provided with another service channel if they do not accept cookies.

The Agency recommends a thorough study of different interpretations in the Member States, once the Directive 2009/136/EC has been implemented, by 25 May 2011.

The new Agency Position Paper identifies and analyzes cookies in terms of security vulnerabilities and the relevant privacy concerns. Cookies were originally used to facilitate browser-server interaction. Lately, driven by the advertising industry, they are used for other purposes; e.g. advertising management, profiling, tracking, etc. The possibilities to misuse cookies both exist and are being exploited.

The new type of cookies support user-identification in a persistent manner and do not have enough transparency of how they are being used. Therefore, their security and privacy implications are not easily quantifiable.

The Executive Director of ENISA, Prof. Udo Helmbrecht states:

”Much work is needed to make these next-generation cookies as transparent and user-controlled as regular HTTP cookies, to safeguard the privacy and security aspects of consumers and business alike”.

Read the full paper.

•Date: 22nd Feb 2011 • Region: Europe •Type: Article •Topic: ISM news

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here