Cookies

From InsightWiki
Revision as of 08:48, 3 July 2012 by Admin (talk | contribs) (New page: The cookies used by Insight fall into either Category 1 or Category 3, are only related to the login process, and do not relate to targeted behavioural advertising. There are two Category ...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

The cookies used by Insight fall into either Category 1 or Category 3, are only related to the login process, and do not relate to targeted behavioural advertising. There are two Category 1 cookies, ASPNET_SessionID and DBAUTH. Category 1 cookies are exempted from consent.

When a user chooses to have their username and password remembered, using the on/off switch on the login screen, two Category 3 cookies are employed LoginID and Password. In this case implied consent is the default for the following reasons. Firstly, it seems reasonable to assume that to be remembered means on the device you ask to be remembered on; that when taking this action the user has a reasonable understanding that a cookie or similar technology would be used. Secondly, the implicit consent will not give users the feeling the site is doing something it did not do before. Finally it is arguable as to whether Insight constitutes a public electronic communications service. Technically, the Category 3 cookies are not set until a successful login has taken place. If you take the position that a Category 3 cookie must have explicit consent before being stored, you can add a message outlining the use of cookies in the process using Manage – Preferences –Login. It is suggested you use a phrase similar to "Remembering your credentials will store a <a href=http://en.wikipedia.org/wiki/HTTP_cookie alt=cookie target=blank>cookie</a> on your device." although you can choose the form of words.

If you would prefer to educate your users about cookies directly, it is suggested to add a .HTM page containing your definitions to the _Personalisation folder, and include a link to this page in Manage – Preferences – Login text. This can be performed independently to the setting of the consent message above. If you elect to do this, you should ensure your definitions are factually correct, not deliberately misleading, and relevant.