HI,
there is a debate rumbling on on FreewayTalk about this. Rather that muddying the water further, may I make the following suggestions:
An Action is written that sets a cookie (using JavaScript) - named fwSetCookies - which is either True or False depending on the user’s preference. This could be in the form of a small DIV that appears at the top of the browser window.
The reason I’m suggesting it here is that
a) Someone needs to write it.
b) All Actions that writes code that sets a cookie needs to check for the named cookie (I understand that that you are allowed to drop a cookie to say that cookies have or have not been agreed to) and adjusts its behaviour accordingly.
Adopting the name of an agreed cookie means that anyone can interrogate it - either in JavaScript or PHP/APS (etc.) without having to jump through too many hoops.
This seems to be a great suggestion. However will it cope with third-party cookies such as for Blogger using Softpress actions, embedded YouTube videos, Google Maps, etc which also use cookies?
HI,
there is a debate rumbling on on FreewayTalk about this. Rather that muddying the water further, may I make the following suggestions:
An Action is written that sets a cookie (using JavaScript) - named fwSetCookies - which is either True or False depending on the user’s preference. This could be in the form of a small DIV that appears at the top of the browser window.
The reason I’m suggesting it here is that
a) Someone needs to write it.
b) All Actions that writes code that sets a cookie needs to check for the named cookie (I understand that that you are allowed to drop a cookie to say that cookies have or have not been agreed to) and adjusts its behaviour accordingly.
Adopting the name of an agreed cookie means that anyone can interrogate it - either in JavaScript or PHP/APS (etc.) without having to jump through too many hoops.
This seems to be a great suggestion. However will it cope with third-party cookies such as for Blogger using Softpress actions, embedded YouTube videos, Google Maps, etc which also use cookies?
Hi Gordon,
It will, providing that all Actions that write code that generate cookies (or similar) are amended to check for the cookies cookie(?!) before running their code. It could be the way to do things down the line but for now we feel that, given the nature of the cookies that are generated from Freeway sites, an updated Privacy and Cookies policy is the way to go initially.
Gordon - the intent would be to write an Action that merely sets a flag that code elsewhere would read and respond to. Having one cookie that all Action generated code could act on makes more sense than having many cookies. Action writers would need to adjust their output to respond to this setting.
Joe - What advice do you have to back up your position? I ask because I (and indeed others) may well be asked to advise clients on such matters, and being able to quote sources can help. Elsewhere, I am reading that passive action - that is amending privacy policy and stating that use of the site agrees to cookies being set - is not sufficient and that a yes or no agreement must be made through a click.
I know, it’s a confusing mess, and one person’s view conflicts greatly with another’s. Right now, the Information Commissioner’s Office has said that it will not be issuing penalties, but I am wondering if that won’t stop private groups or individuals being more litigious. I am reminded of the RNIB going after websites that were not accessible to their members. (For those who don’t know - the RNIB is a charity for the blind and partially sighted.)
We’ll be putting a blog post up about it in the next few days.
Joe
On 21 May 2012, at 12:52, Paul wrote:
Gordon - the intent would be to write an Action that merely sets a flag that code elsewhere would read and respond to. Having one cookie that all Action generated code could act on makes more sense than having many cookies. Action writers would need to adjust their output to respond to this setting.
Joe - What advice do you have to back up your position? I ask because I (and indeed others) may well be asked to advise clients on such matters, and being able to quote sources can help. Elsewhere, I am reading that passive action - that is amending privacy policy and stating that use of the site agrees to cookies being set - is not sufficient and that a yes or no agreement must be made through a click.
I know, it’s a confusing mess, and one person’s view conflicts greatly with another’s. Right now, the Information Commissioner’s Office has said that it will not be issuing penalties, but I am wondering if that won’t stop private groups or individuals being more litigious. I am reminded of the RNIB going after websites that were not accessible to their members. (For those who don’t know - the RNIB is a charity for the blind and partially sighted.)
I came across this a few weeks ago but just haven’t had time to post it in the forum
This is a very nice elegant system which anyone could all use to add a cookie acceptance functionality system.
It uses jquery which won’t play well will many Freeway sites
David
On 14 Jun 2012, at 12:28, “max” email@hidden wrote:
I came across this a few weeks ago but just haven’t had time to post it in the forum
This is a very nice elegant system which anyone could all use to add a cookie acceptance functionality system.
I looked at it with an eye to porting it, but it’s a huge tangled mess and I got side-tracked with earning a living. Sadly. Anyway, the latest on this imbroglio is that if you write a proper privacy statement, outlining your actual reason for using cookies at all (no, Facebook is not a real reason for this, just don’t add the “like button” if you know what’s good for you!) you are completely fine. Google Analytics is a valid reason to use a cookie, as would be any other analytics system. If you have a shopping cart, you get a pass there as well.
Walter
On Jun 14, 2012, at 8:54 AM, David Owen wrote:
Max
It uses jquery which won’t play well will many Freeway sites
David
On 14 Jun 2012, at 12:28, “max” email@hidden wrote:
I came across this a few weeks ago but just haven’t had time to post it in the forum
This is a very nice elegant system which anyone could all use to add a cookie acceptance functionality system.
It’s all moot as the Information Commissioners’ Office declared at the very last minute that implied consent was enough. Putting a statement on your site somewhere saying what cookies there are and how they are used and saying that continuing to use the site counts as agreement to accept cookies is sufficient.
Of course, this last minute piece of advice means that a lot of people spent a lot of time (and money) updating their site with acceptance buttons etc. for no reason at all.