thanks :)
Peekay wrote:
@shine
As Mamba has already pointed out.
From the ICO website:
Quote:Some cookies can be exempted from informed consent under certain conditions if they are not used for additional purposes. These cookies include cookies used to keep track of a user’s input when filling online forms or as a shopping card, also known as session-id cookies, multimedia player session cookies and user interface customisation cookies, eg language preference cookies to remember the language selected by the user.
Session cookies, language cookies, cookies to prevent security issues are exempt under this law and fall under the status of 'implied consent'. You do NOT have to ask permission to set them before the site is loaded.
If you implement a script to pop up a cookie warning when you are just setting a session cookie, many people will (quite rightly) assume you want to set tracking cookies and go elsewhere.
As the only way to record someone's consent to cookies is to set a cookie, or to store their IP address in a database, this stupid law is encouraging webmasters to record more personal data about site visitors than before the law was introduced.
Mamba wrote:
I assume, that there should be a common implementation of the law across Europe.
There are good guidelines from UK, which states that:
Quote:Implied consent is a valid form of consent and can be used in the context of compliance with the revised rules on cookies.
BBC is using this kind of "implied consent" where they post a special link to "cookies" at the bottom of the page.
They also state that:
Quote:Some cookies can be exempted from informed consent under certain conditions if they are not used for additional purposes. These cookies include cookies used to keep track of a user’s input when filling online forms or as a shopping card, also known as session-id cookies, multimedia player session cookies and user interface customisation cookies, eg language preference cookies to remember the language selected by the user.
I think, our cookies would fall into the "session-id" cookie.
There are also few good articles, with links to jQuery plugins that could be helpful:
http://designmodo.com/eu-cookie-law/
http://www.webresourcesdepot.com/eu-cookie-law-2-jquery-plugins-to-not-break-it/
http://www.netmagazine.com/features/beginners-guide-new-cookie-law
The CookieCutter and CookieGuard plugins seem to be most popular.
So based on all of this you could:
1) set a special page about cookies, as BBC did, to have "implicit consent", or
2) add a jQuery plugin to get "explicit consent"
Maybe somebody else has a better suggestion
flipse wrote:
From what I have read the Dutch government interprets the law more strict then the European law has in mind, but...
Cookies from (nonprofit) websites, or for keeping login credentials or remembering your shopping cart are not an issue. The law is focussed on third party cookies from advertising networks or companies collecting user data on a larger scale, like google analytics.
The OPTA, the Dutch supervisor, has stated they only direct penalty real abusive cookie use. Other websites get a warning first. Most reassuring fact is OPTA has no scanning software for cookie law offense at this moment. They have asked a student to code some, just a few days ago