blog

Recently, the book Discrimination and Privacy in the Information Society has been published. Bart Schermer from Considerati wrote a chapter of the book and is one of the editors. The book discusses the latest technological developments in data mining and profiling.

Nowadays, enormous amounts of data are collected, stored and processed. Though methods as data mining and profiling, these big data are analyzed and used to make administrative and governmental decisions. AI techniques help determine patterns and trends. However, they could also lead to unacceptable forms of discrimination, when unwanted or unjustified selections are made because people are only judged by their digital identity. 

Discrimination and Privacy in the Information Society discusses discrimination and privacy issues related to data mining and profiling practices. It provides technological and regulatory solutions to problems which arise in these innovative contexts. 

Discrimination and Privacy in the Information Society is available at Amazon and Springer.

The new Dutch Cookie Law entered into force on June, 5 2012, and continues to cause a lot of confusion. Especially website administrators are often unsure as to what is expected of them to be compliant to the new Cookie Law. Below, is a short overview of what the new Cookie Law will entail for you and your website, and how you can comply with it. 

Who does the Cookie Law apply to? 

All Dutch websites using cookies have to comply with the Cookie Law. Foreign websites that target the Dutch market have to comply as well. 

What does the Cookie Law apply to?

The new cookie legislation does not only apply to cookies and is therefore more than a ‘Cookie’ Law. This law also applies to any form of posting or reading of data on a user’s computer; flash cookies and web beacons also fall under the scope of the Cookie Law as well, just as ‘device fingerprinting’. 

What are the consequences if I do not complying with the law?

OPTA, the Dutch supervisory authority, can fine you for up to 450,000 euros. 

What is expected of you?

As a website administrator, two actions are expected of you: you have to inform the visitor of your website about the cookies you use, and you have to ask permission to place cookies. Both of these actions have to be done before any cookies are placed. 

How should I inform my users?

It has to be clear for the visitors of your website what the cookies that will be placed actually do. By placing a ‘cookie-message’ in a header, footer or by using a flash page, it is clear for a consumer that your website uses cookies. For more information, the user can be directed to your ‘cookie policy’. Make sure this information is easy to find, for example by placing a link to the policy in the cookie message. 

How should I ask for permission?

Although there are many different types of cookies, permission is required for all of them, except one. Cookies that are strictly necessary for the website to work (such as cookies used for online shopping carts) are exempted from the Cookie Law.  

Additionally, for ‘tracking cookies’ a stricter regime applies as of January 1st, 2013. It is likely that unambiguous consent will be required for those cookies (opt-in). 

Whether, and how, you should ask for permission depends on the type of cookies you use. Browser-settings are not a sufficient basis to deduce consent from, which means the administrator has to actively ask for permission. Although there are different methods to ask the user’s consent, here are the two safest ones:

- Do not enable visitors to use your website until they have accepted your cookie;

- Let visitors choose to either accept the cookies used, or not accept the cookies used. 

These option might not be user friendly enough, or might cause problems for your website. Depending on what type of cookies you use, Considerati can provide specific advice. This way, you can avoid to miss opportunities or having visitors leave your website because of a too strict cookie policy. 

Where should I start?

If you want to be compliant with the Cookie Law, you should take the following steps:

1. Identify what type of cookies your websites uses
Ask your IT-department and/or your website designer what cookies your website places on a visitor’s computer. Make sure to include cookies used by third parties!

2. Classify these cookies by their function
What purpose do those cookies serve? Make a distinction between cookies that are ‘strictly necessary’, tracking cookies, and remaining cookies. Tracking cookies are all cookies used to monitor a user’s behaviour over different websites, such as advertisement cookies or analytic cookies. 

3. Create a cookie policy, based on the used cookies
In this policy, you should inform the user about the type of cookies your website uses, how long those cookies will be saved and how these cookies may be removed. 

4. Decide how you will inform your user, and how you will ask for permission
Opt for a solution that fits you; splash pages, headers, footers or a plug-in from a third party. Every option has its benefits and drawbacks. Considerati can be of service in informing you on all your options. 

5. Implement your solution
Test and then implement the solution. 

Questions?

Considerati can provide tailored and detailed advice, and set up the best plan to apply the new Cookie Law to your website. Fore more information contact wagemans@considerati.com. 

Considerati assisted the Turkish Ministry of Justice with the implementation of the EU E-commerce Directive and hereby closely cooperated with professor Tekin Memis, professor in e-commerce law at Istanbul Sehr University. Ayse Baris, our Turkish intern at Considerati, interviewed professer Memis about developments in Turkish e-commerce regulation. You can read the interview below.

1. What were the problems with Turkish e-commerce before e-commerce regulation was introduced?

Tekin Memis: "Turkey has a young population. The volume of e-commerce is growing exponentially.  In this context, a growing trade should have its own specific rules. Although there was some regulation related to electronic trade in different Turkish laws, there were gaps in these regulations. Therefore, the e-commerce regulation draft was legislated to fill those gaps." 

2. What is the purpose of this regulation?

Tekin Memis: "The draft creates the possibility for actors of trade to meet with different commercial actors. In this context, the Turkish Ministry of Justice and the Dutch Government worked together. Considerati worked on this project simultaneously and had a very positive contribution to this process.  Moreover, Turkish experts had the opportunity to closely examine the experience of the Dutch regulations. Representatives of the Turkish electronic trade sector met with Dutch experts through Considerati. The exchange of information and experience created the best opportunities for that regulation. The draft was discussed many times on different platforms even before the Parliament’s Agenda. The bill, which is related to multiple sectors, broadens the view of experts in each of these fields, such as lawyers, judges industry and the other representatives of civil society.   Afterwards, the Turkish National Assembly has held various discussions on the bill, and finally the draft was referred to the Turkish National Assembly in its current state."

3. How will the customer understand which website is secure to use for shopping?

Tekin Memis: "With the enactment of the bill, consumers can find minimum elements of security on each e-commerce related website. In other words, for a consumer, e-commerce websites will be easily recognizable in the form of ‘according to the law’ or ‘not according to the law’.   However, it should be noted that this bill does not establish a structure to control web pages and give them a certificate concerning their safety."

4. What are the benefits of this regulation for Turkish commercial law?

Tekin Memis: "First of all, without regulation, e-commerce related situations could be confusing for lawyers. Additionally, if we were to fill the gaps in regulation with jurisprudence instead of new regulation, there is a risk of non-uniformity. The proposed bill will enable resolution of those problems in a new legal framework." 

5. What will the benefit of this draft be for the integration of Turkey into the EU?

Tekin Memis: "One of the aims of the bill is to ensure compliance with the European Union’s E-Commerce Directives. Some areas in this directive were not arranged in Turkish Law. Turkey regulated those EU-Directives, such as the EU’s directive concerning the regulation of unsolicited electronic messages."  

6. The commercial sector defends that sending spam-like messages or e-mails is an obstacle to e-commerce, what is your opinion on this?

Tekin Memis: "There is an association that defends this view. An interesting point is that this party evidently argued in the Turkish National Assembly meetings, that SPAM messages should be free. There is no regulation about the protection of personal data in Turkey. Furthermore, all contact information collected by someone can be used for advertising purposes without the consumer’s permission. However, these messages containing personal data constitute an unauthorized intervention of the consumer’s personal rights, and result in loss of a person's time and labor. Therefore, the use of these messages should be hindered in accordance with EU legislation. Up till now, parties, engaging in advertising without permission of consumers and without a legal basis, did not see this as a barrier to online trade. Nevertheless, common sense should be applied in the face of these practices. I personally think that, whoever is carrying out their advertisement activities in accordance with the legal framework, will not be affected by these new regulations. In my opinion, the Turkish e-commerce sector could be more befitting to the international regulations, ethical rules and ultimately personal rights under the condition that the Assembly accepts the proposal." 

7. What is the difference in E- Commerce regulation between Turkey and the EU/U.S.A.?

Tekin Memis: "First of all, the basic principles are not different. However, some differences may occur in the details: in general, the EU and Turkish Draft adopted the opt-in principle, while the United States adopted the opt-out principle. The EU and the United States have some differences in their regulation. These differences are not on fundamental principles however. Moreover, these differences have been established to solve the problems of implementing rules. An example is the implementation of the definitions and regulations concerning the service provider as intermediary."

8. After the law is adopted, what else do you think can or needs to be done to stimulate trust in Turkish E – commerce?

Tekin Memis: "We will prepare an e-commerce's information guide and organize training seminars for different chambers of commerce with the Ministry of Customs and Trade. By presenting a legal framework and informing the society on how to trade electronically in a safe manner, we will open the way for e-commerce in Turkey."

9. Could you tell us how Considerati and The Netherlands contributed to the Turkish E-Commerce draft?

Tekin Memis: "As I said in the beginning, the preparation of the draft was conducted in a project between the Turkish Ministry of Justice and the Government of the Netherlands. During the preparation period, Considerati passed along its knowledge and experience to the scientific committee of the Netherlands and the industry. In every stage, Considerati has provided their support. A visit was organized in order to see the applications in Holland and also two sector meetings took place in Turkey. All these organizations performed with the support of Considerati. I should personally emphasize that, besides the sharing of knowledge and experience within the framework of this project, we are very grateful for the kindness and friendship of the Considerati team. Eventually, we have a successfully completed project, a Draft Law and colleagues in the Netherlands."