A legal problem with planting a cookie in another site's domain

[Joel Harrison]

On 4/11/08, Roland Perry <lists@internetpolicyagency.com> wrote:

> Oddly enough last year I helped persuade ICO that Bluespam was not (as they
> first thought) prohibited - so they changed their guidance. A bit of a blow
> for freedom, but the law is the law.

Impressive job.  That's a thorny debate in itself, but I don't want to
take this OT.

>
> That rested on a very similar area of interpretations.
>
> I'm not arguing in favour of infallibility, but I'd also hate everyone to be
> chasing a red herring. Which bit of ICO guidance contains this particular
> guidance - I find their website very difficult to speed-read.

Guidance on this bit of PECR is in para 2 of the following :

http://www.ico.gov.uk/upload/documents/library/privacy_and_electronic/detailed_specialist_guides/pecr_guidance_part2_1206.pdf

I'll say from the outset that there is no explicit statement here that
reg. 6 is not limited to network operators (or providers of electronic
communications services in the language of PECR).  However, there is
nothing in there to say that it is limited in this way (cf. para 1),
and one would expect the ICO guidance to mention it if it were,
because that is a massively significant limitation.  Plus, as I say,
my experience is that in practice the ICO (and also practitioners in
the field) do not take the view that reg. 6 is limited to network
operators.

In any event, I expect that a court would only hold that reg. 6 is
limited to network operators in the face of clear words to that
effect, and reg. 6 contains no such clear words.

Joel