A letter from the President of the European
Commission may spark an ongoing war between privacy advocates and online
publishers that use anti-ad-blocking filters on their sites.
Alexander Hanff, CEO of Think Privacy Inc., has
penned a letter to Jean-Claude Juncker, EC's president, this past
winter, asking for clarification regarding the language of the e-Privacy
Directive's Cookie Law.
Mr. Hanff wanted to know if the cookie law is
referring strictly to browser cookies or the general notion of gathering
"any information stored on such equipment [is] part of the privacy
sphere of the users requiring protection."
Scanning for ad-blockers breaks the EU's e-Privacy Directive
The response of the European Commission was clear,
and that any type of server or client-side scripts that attempt to
access or collect information stored on the user's devices fall under
the e-Privacy's umbrella, meaning that publishers need to ask for
permission before gathering any type of data, not just about cookies.
Under Mr. Hanff's expert opinion, this also includes
ad-blocking blocking technologies that prevent users from viewing a
website's content if they have an ad-blocker installed in their browser.
In order to work, those websites need to run
JavaScript code in the users' browsers. These scripts gather information
about the users' local configuration, an action which falls under the
Commission's interpretation of scanning and collecting private user
data, hence must be prompted and asked for permission.
Based on this response, to comply with this new
interpretation of the cookie law, Internet publishers must ask you if
they can scan your browser for ad-blocking software, and then prompt you
to disable the ad-blocker if you agree.
The problem of server-side scripts
Mr. Hanff's says that his original letter only
included the question of client-side scripts that scanned for
ad-blockers, but he points out that the answers received from the
European Commission include references and legal opinions that cover
server-side scripts as well.
Under this latter category, any analytics service could potentially be affected. Mr. Hanff has answered Softpedia's inquiry,
and he argues that this is true. Any analytics service, that employ
client or server-side scripts, should also ask for permission. Until
now, only analytics services that deployed client-side cookies were
affected by the EU Cookie Law. This means that analytics services,
commerical or deployed in-house, relying on server-side scripts are also
impacted and may need to ask for permission.
This is just one of the questions we can raise from
this letter. Of course, the ramifications of this response might need to
be debated by people with actual in-depth knowledge of EU law, and not
us.
What is certain is that Mr. Hanff has pledged to use
the answer he received from the European Commission to start legal
actions against any publisher that blocks users with ad-blockers
installed to access their websites.
Below are tweets from Mr. Hanff on this matter, along with images of the answer he received from the European Commission.
Comments
Post a Comment