Cookies warning in the eu


(tomas nittner) #1

hello friends and neighbours in the realm of rw webdesign,
people keep telling me that the european community is more and more insisting on a “cookie warning” on every website. could anybody be so kind to point out a stack for this nonsense?
thanks much, tomas


(Jannis from inStacks Software) #2

If you don’t use cookies :cookie: you don’t need that.


(Nittner Tomas) #3

hello yannis,
gerne! aber wie kann ich das vermeiden?
sonnigegemütsgrüße,


(Will Woodgate) #4

To further expand on the answer given by @instacks you could be using cookies or HTML5 web storage on your website if you do any of the following:

  • Record site visits using analytics (Google, Piwik, Microsoft Azure, LiveStats etc.)
  • Any functionality that remembers an option a site visitor has chosen - like a prefered language or closing a message box / dialogue
  • A website shopping cart to store details of what someone wants to buy
  • Recording form submissions from a contact page and logging information

In my opinion, it is really badly written and implemented EU legislation (clearly written by zombies with zero knowledge of how modern websites function). Ironically the sorts of intrusive cookies that this legislation aimed to combat are already blocked in all newer web browsers, with the ‘do not track’ option.

To make things worse, some EU member states require that users opt-out of tracking, whereas others opt-in. How that is supposed to work, I have no idea! Presumably a landing page where a user chooses what country they are in, and then you have separate websites, with cookies either enabled or disabled by default? No idea!

To my knowledge, no individuals or companies have so-far been prosecuted for not displaying an EU cookie message. And I don’t know how it would be enforced outside of the EU jurisdiction - presumably the EU would start blocking non-compliant websites? But it is written into law, and therefore something individuals and companies within the EU need to adhere to.

I honestly think that if your website has a basic privacy policy, then that should be suffice. It tells a user what information you collect, why you collect it and states the obvious that you will not resell or divulge the information to anyone else. A privacy policy is easy to implement onto any website.

This is the website I use to generate privacy policies for clients:
http://www.generateprivacypolicy.com

As a final method of compliance, you could use a stack like Gateway or Joe’s Cookie Jar stack to display a more formalised message about cookies.

I’m really looking forward already to 31st March 2019 when we’ll hopefully be out of the EU and not have to comply with this sort of insanity any longer! It has cost some businesses a fortune to comply with and in some instances they have needed to remove certain functionally from websites, that would have actually made their sites safer and more useful. It’s just crazy…


(Gary) #5

Just different insanity I expect:)


(Jannis from inStacks Software) #6

Let’s hope Scots (and Welsh?) stay :wink: