Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums JavaScript Pure JS Help with Cookie Tool Re: Pure JS Help with Cookie Tool

#102141
chrisjg
Member

Totally agree, it has not been properly thought out.

Mostly it not enforcable, the ICO employs around 350 people – even if all of them were checking website compliance they would be swamped.

The ICO are not even sure what compliance is yet, or what it will be in a years time!

Dave Evans, Group Manager for Business & Industry at the Information Commissioner’s Office (ICO), was interviewed in April this year – these are couple of his answers (full interview http://econsultancy.com/uk/blog/9610-q-a-the-ico-s-dave-evans-on-eu-cookie-law-compliance )


Will you come up with a definitive answer on what compliance is?

We don’t know what compliance will look like in a year’s time.

There are lots of gaps here, and we want people to fill them with good practice. We can then point to examples of this and everyone will have a greater understanding of what is required.

We hope that this will pick up over the next month or so.

Will ‘implied consent’ solutions be enough in some cases?

The law does allow us some leeway, and if a company’s revenue would drop if it went for a strict opt-in, then we could look at different ways of educating users and gaining consent.

Just because analytics cookies are caught by this law doesn’t mean a strict opt-in is necessary. It could, in some cases, be seen as an essential part of the relationship.

If a website says ‘we’d like you to use cookies, but click here if you don’t want us to, and click anywhere else to continue’. If customers have seen this message, then this may be enough in most cases.

If it looks like an organisation has put enough information there, and it is clearly visible, such that it wouldn’t be likely that users would miss it, then it’s unlikely we would take that [complaint] further.


This sounds different to the advice given in the guidance document produced by the ICO http://www.ico.gov.uk/news/latest_news/2011/~/media/documents/library/Privacy_and_electronic/Practical_application/guidance_on_the_new_cookies_regulations.ashx

My thoughts, for what they are worth (IANAL):
1. Update privacy policy to list the cookies used.
2. State that “We are working towards a compliant solution for the EU e-privacy directive 2009/136/EN”
3. Providing you are not a big-bussiness, simply wait and see what the ICO says in a couple of months time.

This is what I am advising my small business and hobby/personal site clients to do.

Having said that, I am working on a solution for Joomla – which started as a little side-project, a sort-of technical challenge along the lines of “how could this be done without having to add code to every module/component/add-on that uses cookies?”. It has grown a bit since then, from theory, through proof of concept, to finalising the details and making it a standard add-on module. Once complete I will release it on github.

Chris.