Difference between revisions of "Privacy Policy"

From WOT Wiki
Jump to: navigation, search
(Cookie policy)
Line 4: Line 4:
  
 
For a more detailed explanation on what a privacy policy is and possible legalities requiring you to have a privacy policy on your website, please refer to this [https://secure.wikimedia.org/wikipedia/en/wiki/Privacy_policy Wikipdia article]
 
For a more detailed explanation on what a privacy policy is and possible legalities requiring you to have a privacy policy on your website, please refer to this [https://secure.wikimedia.org/wikipedia/en/wiki/Privacy_policy Wikipdia article]
 
  
 
For help in creating your own privacy policy, [http://www.dmaresponsibility.org/PPG/ The Direct Marketing Association] has some good advice as well as a free, online privacy policy generator.
 
For help in creating your own privacy policy, [http://www.dmaresponsibility.org/PPG/ The Direct Marketing Association] has some good advice as well as a free, online privacy policy generator.
 
  
 
Other references:
 
Other references:
Line 17: Line 15:
  
 
==Cookie policy==
 
==Cookie policy==
A cookie policy is usually part of the privacy policy. It's addressed within it's own section (normally a paragraph) which states what type of [http://en.wikipedia.org/wiki/HTTP_cookie cookies] are used: session, persistent, or [http://en.wikipedia.org/wiki/Local_Shared_Object local shared object (LSO)].
+
A cookie policy is usually part of the privacy policy. It's addressed within it's own section (normally a paragraph) which states what type of [http://en.wikipedia.org/wiki/HTTP_cookie cookies] are used: session, or persistent.
  
 
Your site should offer as few cookies as possible, preferably none. The more widgets, advertising, and other third-party intervention causes your site to drop more cookies on to your visitors computers. When you do use scripts, or browser bars, or social networking link "buttons", etc you should address these in your cookie policy and offer explicit links to the other privacy policies available on these outside sources.
 
Your site should offer as few cookies as possible, preferably none. The more widgets, advertising, and other third-party intervention causes your site to drop more cookies on to your visitors computers. When you do use scripts, or browser bars, or social networking link "buttons", etc you should address these in your cookie policy and offer explicit links to the other privacy policies available on these outside sources.
Line 29: Line 27:
 
===Tracking===
 
===Tracking===
 
A cookie policy should also mention whether the site uses any third-party trackers: Google Analytics and Quantserve are two popular ones. Tracking may also be done by using [http://en.wikipedia.org/wiki/Web_beacons web beacons] (web bug, tracking bug, tracking pixel, pixel tag, 1×1 gif, clear gif) This should be explicitly mentioned in your privacy policy if your site uses this technology.
 
A cookie policy should also mention whether the site uses any third-party trackers: Google Analytics and Quantserve are two popular ones. Tracking may also be done by using [http://en.wikipedia.org/wiki/Web_beacons web beacons] (web bug, tracking bug, tracking pixel, pixel tag, 1×1 gif, clear gif) This should be explicitly mentioned in your privacy policy if your site uses this technology.
 +
 +
===Local stored object (LSO)===
 +
[http://en.wikipedia.org/wiki/Local_Shared_Object local shared object (LSO)] are also reffered to as "zombie" or "super" cookies. They are part of Adobe Flash. Quating from Adobe:
 +
<blockquote>Local shared objects, sometimes referred to as "Flash cookies," are data files that can be created on your computer by the sites you visit. Shared objects are most often used to enhance your web-browsing experience. A website can write a cookie on your computer, and the next time you visit it will load that cookie and its information in a way that provides a more customized experience. For example, you may have asked a site to remember your login name. That information is stored in the cookie and retrieved on your next visit so that the website displays your name in the login field on the site.</blockquote>
 +
The interesting thing about LSO's are that when you delete your cookie cache, the LSO is able to rewrite the cookie. This causes the LSO to be used not only for tracking, but for spyware as well. The only time your site should use Adobe Flash LSO's are when you have created Flash files (.SWF / .FLV) to share with your visitors and these local stored objects shuold not be abused with the intent on spying upon your site visitors.
 +
 +
A little more information may be found on: [[local stored object|local stored object]]
 +
  
 
A few [http://www.mywot.com/forum/7300-privacy-lawsuit-targets-net-giants-over-zombie-cookies articles] of interest:
 
A few [http://www.mywot.com/forum/7300-privacy-lawsuit-targets-net-giants-over-zombie-cookies articles] of interest:
Line 34: Line 40:
 
* Browser Fingerprints Threaten Privacy
 
* Browser Fingerprints Threaten Privacy
 
* A Primer on Information Theory and Privacy
 
* A Primer on Information Theory and Privacy
 +
* Flash Cookies and Privacy
  
  
 
see also:
 
see also:
 
[[Personally Identifiable Information (PII)|Personally Identifiable Information (PII)]]
 
[[Personally Identifiable Information (PII)|Personally Identifiable Information (PII)]]

Revision as of 19:21, 15 August 2010

A privacy policy is a statement of how and why your company / website collects Personally Identifiable Information (PII), what it does with it, what choices the consumer has about how it is used, whether the consumer can access the information, and what you do to assure that the information is secure.

Other privacy concerns that a privacy policy should address are the use of cookies and/or web bugs, if any.

For a more detailed explanation on what a privacy policy is and possible legalities requiring you to have a privacy policy on your website, please refer to this Wikipdia article

For help in creating your own privacy policy, The Direct Marketing Association has some good advice as well as a free, online privacy policy generator.

Other references:


Cookie policy

A cookie policy is usually part of the privacy policy. It's addressed within it's own section (normally a paragraph) which states what type of cookies are used: session, or persistent.

Your site should offer as few cookies as possible, preferably none. The more widgets, advertising, and other third-party intervention causes your site to drop more cookies on to your visitors computers. When you do use scripts, or browser bars, or social networking link "buttons", etc you should address these in your cookie policy and offer explicit links to the other privacy policies available on these outside sources.

When using third-party advertising such as Google or DoublClick, reference their usage and include the appropriate links. Google is just one example of many advertising sites.

Tracking

A cookie policy should also mention whether the site uses any third-party trackers: Google Analytics and Quantserve are two popular ones. Tracking may also be done by using web beacons (web bug, tracking bug, tracking pixel, pixel tag, 1×1 gif, clear gif) This should be explicitly mentioned in your privacy policy if your site uses this technology.

Local stored object (LSO)

local shared object (LSO) are also reffered to as "zombie" or "super" cookies. They are part of Adobe Flash. Quating from Adobe:

Local shared objects, sometimes referred to as "Flash cookies," are data files that can be created on your computer by the sites you visit. Shared objects are most often used to enhance your web-browsing experience. A website can write a cookie on your computer, and the next time you visit it will load that cookie and its information in a way that provides a more customized experience. For example, you may have asked a site to remember your login name. That information is stored in the cookie and retrieved on your next visit so that the website displays your name in the login field on the site.

The interesting thing about LSO's are that when you delete your cookie cache, the LSO is able to rewrite the cookie. This causes the LSO to be used not only for tracking, but for spyware as well. The only time your site should use Adobe Flash LSO's are when you have created Flash files (.SWF / .FLV) to share with your visitors and these local stored objects shuold not be abused with the intent on spying upon your site visitors.

A little more information may be found on: local stored object


A few articles of interest:

  • Privacy Lawsuit Targets Net Giants Over ‘Zombie’ Cookies
  • Browser Fingerprints Threaten Privacy
  • A Primer on Information Theory and Privacy
  • Flash Cookies and Privacy


see also: Personally Identifiable Information (PII)