What is Juniper's position regarding Mykonos Web Security (MWS) and EU cookie laws?

  [KB25858] Show Article Properties


Summary:
What is Juniper's position regarding Mykonos Web Security and the UE cookie laws? 

Does MWS comply with the EU cookie laws?
Symptoms:
 
Cause:
 
Solution:
Juniper's Legal department has updated the Mykonos position regarding the EU Cookie Directive.

Mykonos – EU Cookie Law
FAQs

1. What is the EU Cookie Law?
The EU Cookie Law is a law that became effective in the EU on May 26, 2011 and requires website operators to give information and obtain user consent prior to setting cookies on a user’s computer or other device. There are certain exemptions from the EU Cookie Law, and in 2012 the EU's official advisory body issued a document describing such exemptions.

2. Does this law already apply in all EU member states?
No. As of the date of these FAQs, most member states (including the UK, France and the Netherlands) have enacted country-specific regulations that implement the EU Cookie Law. A few member states (including Germany, Greece and Poland) have not yet issued their implementing regulations.

3. Does the EU Cookie Law apply to the Mykonos software’s Intrusion Deception™ system?
Yes. Mykonos sets cookies in order to keep track of user behavior on a website and the cookies are subject to the EU Cookie Law.

4. Does Mykonos comply with the EU Cookie Law?
Yes. Mykonos cookies are security cookies, and according to the EU's official advisory body, security cookies fall within the exemption from the EU Cookie Law. Therefore, prior consent is not required for the Mykonos cookies.

5. What steps should be taken to use Mykonos in compliance with the EU Cookie Law?
To comply with the EU Cookie Law, if you are a website operator you should take the following steps when you implement Mykonos:
  • Post a privacy policy and/or cookie policy on your website, which describes the types of cookies that you use. With respect to Mykonos, you may state “Our website uses a variety of cookies, including security cookies for the purpose of.”
  • Display a prominent link to the privacy policy and/or cookie policy on your website’s home page.
  • Deploy Mykonos for the sole purpose of securing your website. Do not deploy Mykonos to collect user information for any other purpose.
  • Implement Mykonos in accordance with Juniper’s product usage guidelines. For example, do not adjust default settings except as set out in those guidelines.
  • Do not mislead users about what the Mykonos cookies do or how your website uses Mykonos. For example, do not state in your cookie policy that you use certain cookies for purposes of securing your website but then use Mykonos for non-security purposes.
  • Regularly update your website privacy policy and/or cookie policy to accurately describe your use of cookies and to reflect any updated guidance about Mykonos that Juniper may provide to you from time to time.
By taking the above steps, website operators should be able to rely on the exemption to the EU Cookie Law.

6. What assurances can Juniper give me that Mykonos complies with the EU Cookie Law?
Juniper has received informal guidance and assurance from the UK data protection authority (known as the “UK ICO”) that Mykonos complies with the EU Cookie Law, provided that website operators follow the guidelines described in #5 above. You may wish to seek your own independent legal advice. Please note that, while other EU countries generally adhere to the EU official advisory body’s views, there can be no assurance that other EU countries will take a similar approach as that taken by the UK ICO.

7. What should my company do to ensure that when we implement Mykonos we comply with the EU Cookie Law?
You should follow the steps described in #5 above. You may also wish to seek your own independent legal advice.

8. Can Juniper provide a copy of any written statement that it received from the UK ICO?
No. The UK ICO gave Juniper informal advice and is not in a position to formally comment on each cookie product in the market.

9. Does Juniper provide a warranty that the Mykonos software complies with the EU Cookie Law?
No. Please refer to #6 above.
Related Links: