New guide for businesses on processing personal data obtained online

The 23-page guide, Personal information online; a code of practice, contains clear, comprehensive and practical guidance for business. It includes "good practice tips - advice on what's good to do" and "bad practice - advice on what NOT to do' when collecting personal data via PCs, games consoles, mobile devices, media players or other equipment that connects to the internet.

Personal data includes names, addresses and contact details, and information about browsing and other online behaviour and, in the Information Commissioner's view, personal data is being processed where information is collected and analysed with the intention of distinguishing one individual from another and to take a particular action in respect of an individual. This can take place even if no obvious identifiers, such as names or addresses, are held.

Personal data could be gathered by, for example:

• collecting a person's details through an online application form;
• using cookies (code deposited on a website visitor's computer that records details about, for example, the pages they have looked at on the site) or IP addresses (the unique set of numbers that identify that particular computer) to target content at a particular individual;
• using personal data to market goods or to deliver public services; and
• using cloud computing facilities to process personal data.

Recommendation
Dowload the Code from the ICO website.