For users and administrators of the web, chances are the European Commission rules on cookies which became law in May will affect the internet landscape.
These new cookie privacy rules are Citizen's Rights Directive 2009 revisions to the EU Privacy and Electronic Communications Directive 2002, implemented in the UK via the Privacy and Electronic Communications Regulations 2011.
Under the previous regime, cookies were dropped onto a user's computer unless the user had specifically opted out for the site concerned.
The idea is to provide greater privacy for internet users, and control what data website operators can drop onto a visitor's computer.
The legislation is still in its early days of deployment – and the ICO has not yet begun discussions with any website operators failing to abide by the new rules – but my observations are that implementing this directive has not been an easy task for most IT professionals.
Meanwhile, few internet users are fully aware of the new requirements and what they mean, although the ICO has issued helpful guidance notes on the need for cookie audits, user impact assessments, and action plans. Most automated website-in-a-box services have also incorporated EU cookie facilities for their customers.
Geolocation services can bring tremendous rewards to websites when it comes to marketing and the like, but the new law introduces risk for businesses that wish to take advantage. This is mainly because their websites are now required to interpret a lot of the data on the user "in the clear" – including location, time of use and browsing habits.
So most organisations should now be cautious when embracing mobility and all its features, as well as including mobile devices in their corporate security strategies and integrating those devices within their business asset management programme.
The issue of most concern is that an increasing number of mobile devices store corporate information and are used for enterprise activities. Service providers must now indicate explicitly that the browsing session on a given set of web pages is being tracked or recorded.
Complying with the EU cookie directive is important because the data involved is both high risk and personal. Without effective implementation, users' digital personae could more easily fall into the wrong hands, including those of other internet marketers. Most web users have fewer barriers and fewer secrets than they did just a few years ago.
Many web users, in fact, think it cool to post where they are, what they are doing, with whom, when, and even why. And our surveys reveal that this proportion of users is growing.
Therefore, organisations must define a security posture for the classification of information, data collection practices and so on, that can identify a person's present, past, and future locations. They must clearly indicate the methods of collection used and the retention policies, as well as when and how the information will be destroyed.
Failure to comply will be costly in financial, legal, and reputational terms. Users must be able to trust an organisation and its information systems. Businesses, no matter where they are located, should provide opportunities for users to opt in – not by default, but explicit consent.
Services and IT providers need to be aware that customer organisations should include geolocation data as one of the priorities within their audit governance strategy, where governance is understood as setting strategic directions and achieving corporate goals, working out that risks are managed and resources responsibly used.
Bodies such as ISACA can help organisations form this central plank of a company's governance strategy. The bottom line is that, properly governed, geolocation technology is a useful tool for both consumers and businesses, and the new EU cookie directive will, in the end, protect both parties.
Highlander MD Steve Brown tells CRN about the skills he learned on the pitch and brought to the boardroom
Reports suggest Dell is pursuing a straightforward IPO, contradicting existing plans to buy out tracking stock holders
Analysts predict upturn in PC market next year, but 2018 to remain plagued by components shortages
Neil Sawyer claims he has 'never seen so many conversations about a new method of investing in workplace technology'