[WEB SECURITY] Closing web sites due to legislation

MustLive mustlive at websecurity.com.ua
Sat Jul 7 16:50:43 EDT 2012


Hi Pawel!

Thanks for your point. Here are few thoughts.

> The point is that everyone on this list can actually have their voice
> heard at two levels at least:

This is only in case when legislators are listening to citizens ;-). For
example, our legislators aren't like very much to listen to people's
opinion. So it'll depend on situation in specific country.

> 1) EU public consultation - this is now closed for the e-privacy
> directive, but...
> 2) EU directive needs to be implemented at national level - and this is
> happening now

You've said that in Poland the second part of this process is going on and
you've took part in it. At different sites, where I have read about this law
(some information was on mentioned by me earlier
http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx),
it was stated that this EU directive was released already in 2009 (EU Cookie
Directive 2009/136/EC) and for implementation on national level was given
some time. And this time already gone, at least in UK, about which was the
most information which I found, the directive was implemented in May 2011
and one year was given for web sites for adoption. And since 26th of May
2012 the law officially started to work in UK. So for them everything is
finished with consultation and implementation. Do you want to say, that
there is still not made an implementation of this law in Poland and how long
it will take?

The interesting is that ICO updated information about Cookie Law at their
site. In June 2012, European data protection authorities adopted an opinion, 
which clarifies that some cookie uses might be exempt from the requirement 
to gain consent.

P.S.

Guys, as you can see from the list of different laws for fining or closing
web sites due to legislation, which I published to the list - #1
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-June/008400.html)
and #2
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-June/008418.html)
 - there are not only IT related laws. So web sites can be fined or closed
as due to IT related laws ("cookie law" is strictly Internet related law),
as due to others laws (such as copyright violation or spreading of forbidden
materials, which concerns both online and offline sphere).

Best wishes & regards,
Eugene Dokukin aka MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

Pawel Krawczyk pawel.krawczyk at hush.com
Wed Jun 6 16:08:06 EDT 2012

> On Wednesday, June 06, 2012 at 7:46 PM, Pavol Luptak <pavol.luptak at
> nethemba.com> wrote:
>
> >Yes. And it will be another regulation that makes the EU less
> >competitive
> >(for Internet portal, business, ..) compared to the other non-
> >regulated world.
>
> Fully agreed, but the EU law is not given by gods :)  The point is that
> everyone on this list can actually have their voice heard at two levels at
> least:
>
> 1) EU public consultation - this is now closed for the e-privacy
> directive, but...
> 2) EU directive needs to be implemented at national level - and this is
> happening now
>
> Here's a very important role for technical experts and organisations to
> participate in your government's public consultation (with or without
> solicitation); in Poland a number of experts (including myself) sent their
> opinnions against this regulation that somewhat balanced paranoid and
> clueless voices of "privacy protectors". It the first place it gives your
> government a reason to soften the interpretation of the directive, second
> it gives them a reason to lobby against the directive in Brussels.
>
> -- 
> Pawel Krawczyk, CISSP
> http://ipsec.pl http://echelon.pl
> +48 602 776959






More information about the websecurity mailing list