Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Qualys Helps Organizations Comply With EU Cookie Directive

Qualys, the soon-to-go-public provider of cloud security and compliance solutions, today said that its flagship QualysGuard Web Application Scanning (WAS) service will be able to help customers identify Web application cookies in order to help organizations comply with the European Union (EU) Cookie Directive that will be enforced in the United Kingdom (UK) effective on May 26, 2012.

Qualys, the soon-to-go-public provider of cloud security and compliance solutions, today said that its flagship QualysGuard Web Application Scanning (WAS) service will be able to help customers identify Web application cookies in order to help organizations comply with the European Union (EU) Cookie Directive that will be enforced in the United Kingdom (UK) effective on May 26, 2012.

Last May, the UK adopted regulations to implement the 2009 EU E-Privacy Directive, which requires web sites to get permission from visitors before they can store cookies or other information used to track their online actions.

QualysThe UK Cookie Directive is privacy legislation that requires web sites to gain consent from visitors before they can store cookies or other information used to track a user’s actions — fundamentally changing how web application owners interact with users. One of the challenges with the new regulations for many organizations is identifying if a particular site or web application is using cookies that require the user’s consent. While customers may not be aware that companies are tracking their activity, companies that utilize such tracking techniques by utilizing third party services may not even be aware that their activities may be in violation of the Cookie Law, Qualys explained.

According to the results of a study on the behavioral tracking on 269 different sites, Keynote Systems discovered that 86 percent of the sites analyzed included third-party tracking of site visitors and, as a result, violated one or more common tracking-related U.S. privacy standards.

With the new features added to QualysGuard, organizations can identify the cookies that their web applications are using, including those issued by third parties. Using the information gathered, organizations can then evaluate whether the cookies are subject to the law and then update the web application to ensure it meets the EU legislation.

While the EU cookie legislation went into effect last year, the UK’s Information Commissioner’s Office (ICO) has set May 26, 2012 as the enforcement date. The ICO is the body responsible for enforcing the UK regulation, with authority to levy fines on web site owners up to £500,000. The ICO is also preparing a web site and tool that will allow users to check and report websites that do not comply with the regulations.

“As this new law impacts any web sites with European visitors, we are pleased to provide our customers with an easy-to-use solution to quickly assess their web sites and provide an accurate list of the ones that store cookies so they can review and update to meet this new law,” said Philippe Courtot, chairman and CEO of Qualys.

This solution is available immediately as part of QualysGuard WAS 2.3. Earlier this motnth, Redwood City, California-based Qualys introduced a private cloud version of its QualysGuard Platform that allows customers and partners to host and operate the security and compliance platform within their data centers.

Related NewsKeynote Launches Web Site Privacy Compliance Monitoring Service

Related News: Qualys Launches Private Cloud Version of QualysGuard Platform

Written By

Click to comment

Expert Insights

Related Content

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...