Archived Boards and Threads... > SMF Feedback and Discussion

New European Cookie Laws

<< < (24/29) > >>

emanuele:

--- Quote from: CircleDock on April 22, 2012, 01:56:26 PM ---No, the "Cookie Laws" come from a 2009 or 2010 Directive and were passed into law by the UK Parliament last May (2011).
--- End quote ---
In the "explanation" link I posted is mentioned the 2009/136 that amends few articles and introduces others.
Do you have any number for the "2010"?


--- Quote from: CircleDock on April 22, 2012, 01:56:26 PM ---What you have found is the proposal for even tougher data protection legislation which in fact the UK already has (Data Protection Act) but that Act may require some amendments if the new EU Proposals become a Directive.
--- End quote ---
ETA: the other thing I found will not become a Directive it will become a Regulation, so national laws will be irrelevant.


--- Quote from: CircleDock on April 22, 2012, 01:56:26 PM ---
--- Quote ---admins in the UK would have to comply with it. I think.
--- End quote ---
It's not just UK-hosted sites that must comply - it's UK owned and registered sites regardless of where they are hosted. If the Domain name is registered in, or to someone (or entity) in the UK, that Domain must comply with the law even if the site is hosted elsewhere.

--- End quote ---
I wrote "admins in the UK", not "sites hosted in the UK". ;)

Tony Reid:
I'd like to thank the smf team for taking this on - its very much appreciated.

I've not tried any of the mods - but just a thought (and I apologise if this has already been taken care of) , but the language string for 'Always stay logged in:' should be adjusted to remind the user that this will place a permanent cookie. Maybe something like '(This sets a cookie)' and a link to the privacy policy.

Its $txt['always_logged_in'] and it resides in  themes/default/languages/index.english.php

For those manually editing who do not normally jump into code - please do not use apostrophes in the language string unless you prefix it with a /

For example : 'You\'ve got a Privacy Policy' rather than 'You've got a Privacy Policy'

I'd also suggest removing the quick login functionality as this uses a dropdown to save the cookie setting - with the login option in the menu its not really needed anyway.

N. N.:
Just to be clear on some of the questions, here and in the other topics on SMF's sessions - in short. It is essential for SMF forums to start the session as soon as possible (meaning set PHPSESSID one way or the other). It's out of the question to make something like this optional. According to the wording of this law/directive, even, it's strictly necessary, so it doesn't pose problems.

And on the funny side, you may wish to take a look European Data Protection Supervisor site.  *angel eyes*
http://www.edps.europa.eu/EDPSWEB/edps/EDPS
I'd suggest ICO to... recommend them compliance. :D

CircleDock:

--- Quote from: N. N. on April 23, 2012, 01:09:38 PM ---Just to be clear on some of the questions, here and in the other topics on SMF's sessions - in short. It is essential for SMF forums to start the session as soon as possible (meaning set PHPSESSID one way or the other). It's out of the question to make something like this optional. According to the wording of this law/directive, even, it's strictly necessary, so it doesn't pose problems.
--- End quote ---
I think we all understand that SMF's session cookie is necessary but that's not the point. It can not and must not be set unless and until the visitor agrees to cookies being set.

If you go to the ICO's web site, you will be able to navigate that site even if you do not accept that site's cookies and I have the horrible feeling that this may well be necessary in SMF. Possibly this could be overcome by adding the session ID to the URL as has previously been done? Yes, I agree it's ugly, possibly creates other problems challenges and may well not be Search-Engine friendly however.

As UK-based owners we have to use ICO's web site as the benchmark against which to base our individual implementations.

As it stands, Emanuele's modification coupled with any necessary changes to accommodate SA-Chat and Google Analytics, is working. But there's one very important aspect that's not addressed at all and that relates to shared computers.

Tony Reid:
Looks like the ICO might relax the analytics's side... in terms of action at least - I guess this is possibly due to the fact that the UK government's digital advisory committee is saying the the government websites use of analytics is a necessity and essential.

http://www.out-law.com/en/articles/2012/april/enforcement-of-cookie-consent-rules-for-analytics-not-a-priority-ico-says/

Navigation

[0] Message Index

[#] Next page

[*] Previous page