Monday, April 25, 2016

PRIVACY - Blocking Ad-Block Software in EU

"Blocking Ad-Blockers May Be Illegal in the EU Thanks to the Cookie Law" posted by Rich-M on CHF 4/23/2016

NOTE:  You must be a member to post on CHF (Computer Help Forums)

A letter from the President of the European Commission may spark an ongoing war between privacy advocates and online publishers that use anti-ad-blocking filters on their sites.

Alexander Hanff, CEO of Think Privacy Inc., has penned a letter to Jean-Claude Juncker, EC's president, this past winter, asking for clarification regarding the language of the e-Privacy Directive's Cookie Law.

Mr. Hanff wanted to know if the cookie law is referring strictly to browser cookies or the general notion of gathering "any information stored on such equipment [is] part of the privacy sphere of the users requiring protection."

Scanning for ad-blockers breaks the EU's e-Privacy Directive

The response of the European Commission was clear, and that any type of server or client-side scripts that attempt to access or collect information stored on the user's devices fall under the e-Privacy's umbrella, meaning that publishers need to ask for permission before gathering any type of data, not just about cookies.

Under Mr. Hanff's expert opinion, this also includes ad-blocking blocking technologies that prevent users from viewing a website's content if they have an ad-blocker installed in their browser.

In order to work, those websites need to run JavaScript code in the users' browsers.  These scripts gather information about the users' local configuration, an action which falls under the Commission's interpretation of scanning and collecting private user data, hence must be prompted and asked for permission.

Based on this response, to comply with this new interpretation of the cookie law, Internet publishers must ask you if they can scan your browser for ad-blocking software, and then prompt you to disable the ad-blocker if you agree.

The problem of server-side scripts

Mr. Hanff's says that his original letter only included the question of client-side scripts that scanned for ad-blockers, but he points out that the answers received from the European Commission include references and legal opinions that cover server-side scripts as well.

Under this latter category, any analytics service could potentially be affected.  Mr. Hanff has answered Softpedia's inquiry, and he argues that this is true.  Any analytics service, that employ client or server-side scripts, should also ask for permission.  Until now, only analytics services that deployed client-side cookies were affected by the EU Cookie Law.  This means that analytics services, commercial or deployed in-house, relying on server-side scripts are also impacted and may need to ask for permission.

This is just one of the questions we can raise from this letter.  Of course, the ramifications of this response might need to be debated by people with actual in-depth knowledge of EU law, and not us.

What is certain is that Mr. Hanff has pledged to use the answer he received from the European Commission to start legal actions against any publisher that blocks users with ad-blockers installed to access their websites.

Below are tweets from Mr. Hanff on this matter, along with images of the answer he received from the European Commission.

Read more here

No comments: