This article is one of a series written by Data Protection Education in collaboration with Litus Digital, a social media management company. The articles came about from questions asked by Data Protection Education's customers, our own experience of working in education, as school governors, parents and data protection professionals. The articles raise questions about how social media can be used as safely as possible in a school environment, security considerations, the law and protecting children. It is not possible to cover every aspect of social media, but the articles aim to provide guidance, raise privacy questions and provide some support for safe posting.
The tenth article in this series covers types of cookies associated with social media and considerations. Social media cookies are a type of tracking cookie used by social media platforms to collect and store information about a user’s online behaviour and interactions with social media content. These cookies are part of the broader category of tracking cookies, which are small text files that websites place on a user’s device (usually a computer or mobile device) to track their activities and gather data.
Here's how social media cookies typically work:
- Tracking User Activity: When you visit a website that has social media buttons or widgets (such as the Facebook "Like" button or Twitter "Tweet" button), the social media platform may place cookies on your device.
- Recording Interactions: These cookies record your interactions with the social media buttons or widgets, such as when you click the "Like" button, share a post, or follow a user.
- User Profiling: Over time, the social media platform uses the data collected through these cookies to build a profile of your online behaviour and interests. They can determine what websites you visit, what content you engage with, and even infer your preferences and demographics.
- Personalized Content and Advertising: The information collected is then used to personalize your experience on the social media platform. You may see content in your feed that is tailored to your interests, and you may also be shown targeted advertisements.
- Cross-Site Tracking: Social media cookies can track your activity across multiple websites that have integrated social media buttons, allowing the platform to create a more comprehensive profile of your online behaviour.0
To protect your privacy online, you can consider adjusting your browser settings to block or limit the use of cookies, use browser extensions that enhance privacy, or regularly review and adjust your privacy settings on social media platforms.
The ICO states that the consent requirements for cookies are defined by the Privacy and Electronic Communications Regulations 2003 rather than UK GDPR. The ‘user’ (the person using the ISS) or the subscriber (the person who has a contract with the internet service provider) must consent to the setting of cookies and similar technologies on the equipment (computer, mobile device etc.) being used. In order for the consent to be valid, the person consenting must understand what they are consenting to. This means that ISS providers need to take proportionate measures, taking into account the risks inherent in the technology being used, to ensure that a child proving their own consent is competent to do so.
Further reading: ICO Guide to PECR
The children's code guidance and resources
When reviewing websites/third party products that you use within your school/trust consider: The children's code and education technologies (edtech). While schools are not Information Society Services (ISS) and are not in scope of the children's code, edtech providers may be in scope of the code. If children are likely to access an online service, there needs to be clear and comprehensive information about the use of cookies and ensuring there is consent for any that are not strictly necessary. Review: Guidance on the use of cookies.
Also review: Supplier Due Diligence and Due Diligence Step by Step.
Review alongside consent and remember that terms and conditions cannot be used to gain consent for cookies.
Guardians of Privacy: Social Media Articles
Guardians of Privacy: 16. Social Media ChecklistGuardians of Privacy: 15. Navigating Social Media in Educational Settings Summary
Guardians of Privacy: 14. Social Media and Cyber Bullying
Guardians of Privacy: 13. Social Media, Copyright and Intellectual Property
Guardians of Privacy: 12. Social Media and Going Viral
Guardians of Privacy: 11. Staff Social Media Accounts
Guardians of Privacy: 10. Social Media and Cookies
Guardians of Privacy: 9. Social Media and Morality
Guardians of Privacy: 8. Social Media Policies
Guardians of Privacy: 7. Social Media Data Retention
Guardians of Privacy: 6. Posting Safely
Guardians of Privacy: 5. Social Media and Consent
Guardians of Privacy: 4. Social Media Access Control
Guardians of Privacy: 3. Social Media Channels
Guardians of Privacy: 2. Law and Regulations
Guardians of Privacy: 1. Social media, privacy and children