The University of Canberra's Centre for Internet Safety (CIS) has called for greater powers for the Office of the Information Commissioner to assist with a crack-down on the use of digital cookies.
In a report dubbed "Taming the Cookie Monster" (pdf), CIS security researcher Dr Paul A Watters said internet users were not informed about how their personal data was retained within cookies.
Dr Watters said more research needed to be done to determine the prevalence of tracking cookies that targeted Australian users, along with an audit of how and if explicit and informed consent was taken when personal data was stored in cookies.
"In relation to cookies, an organisation is effectively a collector of personal information, and could be the target of investigation for a privacy breach," Dr Watters wrote.
"For example, an investigation of an advertising company’s information systems could reveal the extent to which persistent cookies are used for tracking and for the subsequent identification of users, by requesting information and requiring the provider to take an oath that its contents are correct and complete."
This would draw on sections 44 and 45 of the Privacy Act, according to Dr Watters.
Dr Watters said Australian websites should be investigated to determine how many used tracking cookies, and what they were used for.
Such a study should investigate if and how websites obtained "explicit informed consent" when collecting users' personal data in cookies, he said.
Dr Watters cited a study by Truste that found an average of 14 tracking cookies per page within the Top 50 British web sites. Most of these cookies were made by third-party companies and half were persistent.
Copyright © SC Magazine, Australia
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.