EU Cookie Law

e107 CMS » Forums » Miscellaneous » General Discussion

<< Previous thread | Next thread >>

Go to page 1 2 3

C6Dave

Jul 22 2011, 01:21AM

Registered Member #9506

Joined: Jul 31 2004, 12:57AM

Location: North East UK

Posts: 12341

Very good point and if that is the case then mine (which I have had for a long time) may actually be sufficient

For anyone else, here is an example, it may not be perfect but it's a start: [-link-]

Go to top

nlstart

Jul 22 2011, 02:03AM

nlstart

Registered Member #29855

Joined: Aug 18 2006, 01:12AM

Location: Utrecht, The Netherlands

Posts: 5489

For full details of your Data Protection Rights take a look at the European Commission Justice Data Protection Guide webpage.

Go to top

C6Dave

Jul 22 2011, 05:27AM

Registered Member #9506

Joined: Jul 31 2004, 12:57AM

Location: North East UK

Posts: 12341

That was a good tip, I've added a link to it in my Privacy policy

Go to top

septor

Jul 22 2011, 02:24PM

Registered Member #37

Joined: Aug 11 2002, 03:20AM

Location: United States

Posts: 2655

I don't host nor live in the UK, so this doesn't really affect me. However, I'll be going through any of my plugins that store cookies and putting a warning on it mentioning what gets saved and why. This way anyone using my plugins will be able to inform their users of the cookie.

Perhaps other plugin writers should start/work-on doing the same? Regardless of how this law actually interacts with plugins or private, low population, sites this can't be a bad thing to aim for anyways.

[ Edited Jul 22 2011, 02:25PM ]

Go to top

Moc

Aug 01 2011, 02:38AM

Registered Member #44563

Joined: Apr 12 2008, 03:01AM

Location: The Netherlands

Posts: 3514

I can re-confirm after consulting several lawyers specialised in the I(C)T-Branche that certain (essential and strictly necessarily) do not require permissions. However, I only looked this up using the Dutch law (and NOT the UK law, so it might be different for the UK but from what I've seen they both include the extract - see below).

Some resources
DUTCH: [-link-]
English:

wrote ...
Are all cookies affected?

The vast majority are - all cookies that are not "strictly necessary for a service requested by a user".

The law allows an exception for "strictly necessary" cookies, such as those used to remember when something has been added to a shopping basket. These cookies would be expected by the user implicitly for the action they requested to be carried out. Another example would be login.

Source: [-link-] (non-governmental)

This might be somewhat governmental related:
1) [-link-]

As you can see they placed a textblock at the top of the website. Note this string: One of the cookies we use is essential for parts of the site to operate and has already been set.

2) [-link-]
Check paragraph 4

[ Edited Aug 01 2011, 02:38AM ]

Go to top

shefmanager

May 24 2012, 12:10AM

Registered Member #62802

Joined: Sep 25 2011, 03:40AM

Location: England, UK

Posts: 65

If i'm correct we have to ask the visitor "to accept" that the site may set cookies on their PC / Mobile.
Does this mean we have to have a pop up box ask the questions accept or deny cookies? If thats the case my PC hasan efficient pop up box blocker so people likle me probably would never see it.
The alternative is to have a tab asking them - which is pointless as by that stage the cookie is probably on their PC.

Go to top

Moc

May 24 2012, 01:17AM

Registered Member #44563

Joined: Apr 12 2008, 03:01AM

Location: The Netherlands

Posts: 3514

Again, please read my post above this one. You don't need to ask a visitor persmission for EVERY cookie. Those cookies that are crucial to the sites functioning, e.g. a shopping basket or a login function, are excluded from this law. Only if you have additional THIRD PARTY cookies, you'll need to ask for permission.
This means that quite some time will not need to do anything to obey to directive, as quite some times only use cookies that are crucial to its functioning.

An even more extensive informative text: [-link-]

This is the official wording

wrote ...

(1) Subject to paragraph (4), a person shall not store or gain information, or to gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met.

(2) The requirements are that the subscriber or user of that terminal equipment -

a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and

b) has given his or her consent.

(3) Where an electronic communications network is used by the same person to store or access information in the terminal equipment of a subscriber or user on more than one occasion, it is sufficient for the purposes of this regulation that the requirements of paragraph (2) are met in respect of the initial use.

(3A) For the purposes of paragraph (2), consent may be signified by a subscriber who amends or sets controls on the internet browser which the subscriber uses or by using another application or programme to signify consent.

(4) Paragraph (1) shall not apply to the technical storage of, or access to, information -

a) for the sole purpose of carrying out the transmission of a communication over an electronic communications network; or

b) where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user.

Please read paragraph 4 carefully.

The law was designed to prevent the sharing of cookies between websites, for example the tracing of google ads. The so-called third party cookies is what they (the EU) want to limit, by means of asking for consent of the visitor.

[ Edited May 24 2012, 02:43AM ]

Go to top

shefmanager

May 25 2012, 02:57AM

Registered Member #62802

Joined: Sep 25 2011, 03:40AM

Location: England, UK

Posts: 65

Ok thanks Moc, interesting to read that the UK regulations are different to others in the EU and that there isn't unity and each country is adopting it slightly differently!
I have placed a privacy and cookie statement on my main site and have had some good feedback that they appreciate being told how and what we do with cookies (some had never heard of cookies before!).

Go to top

Moc

May 25 2012, 04:54AM

Registered Member #44563

Joined: Apr 12 2008, 03:01AM

Location: The Netherlands

Posts: 3514

As far as I can see, the UK applies the same paragraph 4, which basically means the same rules apply.

There is a differene between technical/functional cookies and thirdparty/tracking cookies. The EU law only applies to thirdparty/tracking cookies. This is not different in the UK.

Nonetheless, it is good practice to inform your visitors about the cookies you set onto their computer, so well done!

Go to top

cyberken

May 25 2012, 08:02AM

Registered Member #35594

Joined: Apr 24 2007, 03:03PM

Location: Edinburgh

Posts: 68

I have been looking more into this and it now looks like in the UK you will be looked on favourably if you have been seen to make improvements even if you don't comply fully with the law.
Article about it here

[-link-]

Go to top

shefmanager

May 25 2012, 10:34AM

Registered Member #62802

Joined: Sep 25 2011, 03:40AM

Location: England, UK

Posts: 65

Can't find the exact link again but the link i found mentioned numerous times the UK regulations differ from the EU Directive and also other countries have adopted different procedures to comply. I study Health and Safety law and it's exactly the same where the EU release a directive, The UK then issues out acts and regulations to meet the beef of that EU Directive.
Here's an interesting link as well
[-link-]

Oh and the constant pop ups asking "can we put a cookie on your PC is just hilarious" on there!!

[ Edited May 25 2012, 10:36AM ]

Go to top

Moc

May 25 2012, 01:21PM

Registered Member #44563

Joined: Apr 12 2008, 03:01AM

Location: The Netherlands

Posts: 3514

Yeh well, there is no way the EU will be able to monitor/control(?) this law/directives at all. It is just impossible to check all websites on the world wide web, plus finding the right authority to complain to, etc. etc.

The same applies to regulations regarding downloading and torrents. There is just an utter lack of regulation and possibilities to control.

Go to top

septor

May 25 2012, 04:14PM

Registered Member #37

Joined: Aug 11 2002, 03:20AM

Location: United States

Posts: 2655

I'd be partial to the popup:

"We just stored cookies on your computer. I hope you're fine with that. If you're not please reformat your computer and never return to this website. Thank you for your cooperation.

"

edit: Also, I retract my previous statement about making my plugins compliant with this. Chances are anyone affect by this and worried about making it an issue will already have done this site-wide.

[ Edited May 25 2012, 04:16PM ]

Go to top

ians1

May 26 2012, 08:03PM

Registered Member #52870

Joined: Sep 11 2009, 10:48AM

Posts: 22

I was trying to use a tool such as this one:- [-link-]

but unfortunately e107 can't run scripts in any of the menus or custom pages.

The problem is consent to cookies is not implied unless the user actually understands and can indicate that acceptance. Otherwise it is not informed consent and therefore makes the whole site not compliant.

Without the ability to run HTML Scripts in menus or pages this cannot be done.

So it looks like I am off to find another CMS.

Go to top

MysterF

May 26 2012, 08:29PM

Registered Member #54659

Joined: Jan 31 2010, 02:19PM

Posts: 320

Well you can try a different CMS but there is no CMS that can cure ignorance as far as I know.

You can use e107 menus to copy/paste that script, you just need to read the wiki. I took 3 minutes of my time to make you that menu, you can download it from: here

Note: I didn't played with the colors or any of the script formatting options, wasn't sure you are still interested in this.

[ Edited May 26 2012, 09:31PM ]

Go to top

ians1

May 26 2012, 08:41PM

Registered Member #52870

Joined: Sep 11 2009, 10:48AM

Posts: 22

When I tried to enter /script it just removed it. So no way to run a script, or so it seemed until I disabled the wysiwig editor! Seems like it should tell you if you want to enter scripts then disable the editor. Very inconvenient and how was I to know that?

However, that still leaves the problem of how to have a consent message that will display on whatever page the user lands on.

Go to top

MysterF

May 26 2012, 09:10PM

Registered Member #54659

Joined: Jan 31 2010, 02:19PM

Posts: 320

Well I played a bit with the formatting, and also altered some of the default text, now when you click on the cookie link it will open a fancybox with an iframe to our site privacy policy (partial example), unfortunately I cannot update the previous link menu because this requires you to have several plugins installed.

to get the above box formatting I used:

background: #FFFFD5; border:1px dotted #FFCC00;

Now for the matter at hand, you said you have issue with this being displayed on every page? easy solution is to enable it in a menu that is active in all site areas or, maybe someone with more knowledge than me ( I am not a coder) can make a shortcode that you can register in theme.php and which you will be able to place in any site area at your convenience.

Tbh I am so against this directive that I can't invest more time into the matter, I can probably make the shortcode myself, with a bit of trial and error.

Go to top

MysterF

May 26 2012, 09:39PM

Registered Member #54659

Joined: Jan 31 2010, 02:19PM

Posts: 320

Updated initial link, I added all the changes plus some text for the menu, didn't include the fancybox hook and probably if I am going to use this I will be changing the "leave" link to something more professional, such as wiki or the European Union specific legislation link.

Anywho: [-link-]

Oh and the issue with the script getting triggered from any page, is a bug/issue or feature (ACCORDING TO THE SCRIPT CREATOR) from their side and not e107 related. For example I went on the page you initially linked, I didn't agreed to anything, i then changed to another page and when I went back to the original link, the cookie window was gone. The explanation would be that by clicking on another link and disregarding the message altogether you tacitly gave your consent.

[ Edited May 26 2012, 11:30PM ]

Go to top

ians1

May 27 2012, 12:25AM

Registered Member #52870

Joined: Sep 11 2009, 10:48AM

Posts: 22

So is there a way to make this display on whichever page a visitor lands on?

Go to top

ians1

May 27 2012, 12:38AM

Registered Member #52870

Joined: Sep 11 2009, 10:48AM

Posts: 22

Answering my own question yes there is, just make a Menu item that displays on all parts of the site that contains the script as above and that should work. I altered the YES button time out to 10 seconds, clicking WAIT halts the auto acceptance of Cookies.
The LEAVE button goes to the Petition on the government's website to halt this legislation.

Go to top

Go to page 1 2 3