welcome everyone toe lesson six point to, as we discussed how the presence of cookies on a website
let's jump right into it.
Our learning goals and objectives for less than 6.2
If your company is deploying cookies or if cookies are otherwise deployed on your website, there are additional requirements. Now
we will outline those in this lesson.
Item number two. It is very possible that your company is deploying or welcoming cookies to your website.
If that is the case, you also need to have cookie banners present.
Because that is a notice and transparency requirement.
We will get into that in this lesson,
We will do all that again. In this lesson,
the duty to inform consumers about your data. Handling practices absolutely applies to cookies.
Because the CCP A was established to ensure notice and transparency.
The concern here mainly focuses on the fact that cookies can store and transfer information on users, computers or on their personal devices without their knowledge or consent.
This was something that the drafters of the CCP A were particularly worried about.
They understood that in order to completely update the way that consumers interacted with the Internet, they also needed to update the requirements of how cookies air handled by companies.
This absolutely is within the scope of C. C. P. A. And why it requires an entire module in this course.
With that as a background,
If you are ever reviewed by our regulator, they're going to ask. Well,
why didn't you identify your cookie handling practices?
you need to identify which types of cookies are used on the website.
You need to identify which categories of personal information each cookie collects.
You might notice. This highly mimics the categories of personal information your company collects writ large.
Now they also want to know the categories of information that cookies are collecting.
Identify any third parties that receive personal information thanks to cookies.
But if you're doing this via cookies, you need to identify the specific third parties.
This could be a great instance where using data mapping exercises or data inventory is going to help you identify which third parties or cookies interact with.
Then item number four.
You need to inform your consumers California residents how to control or stand down cookies.
This again is similar to informing residents of California how they can exercise their rights under the C C p. A or how parents can exercise their ability to opt into the sale of their child's information.
is going to have to be Mawr and Mawr Interactive with the users.
I'm actually including in this instance an example from the I A peep.
You'll notice here they identify which types of cookies they use on their website.
They identify the essential cookies, the analytical cookies and the marketing cookies.
If you recall, I identified that you need to call out specifically the marketing cookies. The C C P. A. Is not all that worried about essential cookies. Nor is it worried about analytic cookies.
You do need to, however, identify which cookies you're using.
You see here the I P P identifies those exact cookies
nicely on the right side of your screen. It even identifies how to block those cookies by using cookie consent tools, etcetera.
This is a great example.
You'll notice specifically for marketing cookies. Marcato is a third party vendor that is supporting the cookie.
I A P P. To their credit, is identifying the categories of personal information and the individual entities that are going to be receiving information as a consequence of that cookie being present.
Great example. To follow. I highly recommend it.
Because at this point of collection, individuals need to be aware that you are collecting personal information. We had an entire lesson on that In module four.
That same rule applies to cookie banners.
what is required of a cookie Banner
You need to alert the user that cookies air present.
You need to alert the user which categories of personal information a cookie might collect.
The cookie banner also needs to justify whether third parties will receive personal information thanks to the cookie.
As you can suspect, the cookie banner needs to identify how to control or stand down these cookies.
I'm sure you've seen these been surfing through the website of your choice. A cookie banner appears.
Feel free to pause this video, go to your favorite website and see if all four items that I've mentioned here are appearing in the cookie banner.
That's your way of knowing whether the company is attempting to comply with the ccps cookie banner notice requirements.
Here is a great example.
This is a cookie banner I came across recently.
In fact, if you would like to positive video and see that all four things here are identified somewhere in this cookie banner,
at that point the user can accept all or reject all
again. The main point here is the cookie banner is alerting the user that cookies are present.
It's going to identify which categories of personal information the cookies air going to collect, whether third parties will receive it as a consequence of these cookies and how to stand down or control the cookies if need be
in less than 6.3, I will actually show you mechanisms to stand down the cookies.
I'm looking forward to doing that.
Please be aware that the privacy policies are fairly formula.
If you recall, there was the 11 requirements we went through quickly.
Cookie banners are the same way. There's the four requirements that you need to punch in. Just follow all four and put them in your cookie banner. It's fairly straightforward in my humble opinion.
Also in this module we reviewed riel World examples of privacy policies and cookie banners.
They identify very fluidly what their leverage of cookies are
in the cookie banner Example I gave you. You also again see the full requirements of notice as it relates to cookies.
This is a great opportunity again, as I mentioned with Module five, when we were talking about Children as well as other modules in the past
toe have heart to heart with the other people you work with, including, and especially your marketing, sales and operations teams.
I again highly suspect that they're responsible for the collection of personal information that falls outside of your purview.
They are maybe unaware of the requirements established by the C C P. A,
especially as it relates to cookies.
Feel free again to include them in this lesson and see if you can get their attention for a couple of minutes.
I'll see you in the next lesson. Lesson 6.3. As we dive into the more technical items and identify how to actually stand down cookies,
some useful controls and tips there,
I'll see you in the next video.