Find content
Male
What this effectively means is that every single IPB site who have visitors from the EU are now in breach of the new cookie directive from tomorrow unless they take action to remedy it. Having been lead to believe upgrading to 3.3.2 would be all the action that was required, it's a serious problem.
When you look at what many of the major UK based websites have done, they're taking the new law seriously, and I'm shocked that IPB have decided neither to take any action or offer any guidance to their customers on what they need to do, particularly when taken in context with what Matt said in late April:
Matt, on 19 April 2012 - 07:53 AM, said:
It technically doesn't matter where you are in the world. The EU would like for you to offer EU visitors the opt in/opt out/info regardless of where you are hosted.
I agree that it's all really dumb but as a software vendor we have a responsibly to ensure our software complies with these things.
I've done a lot of research into this and there are many exemptions where you don't have to ask for opt in permission and that's when the cookie is used in such a way that makes it vital to the application.
Really this is a browser level problem and it's utterly ridiculous to expect internet apps to 'fix' this but there you are. At some point browsers will have to include these rules and we can stop messing about with pointless javascript.
However, here's what I've done for IP.Board
Guests only get served a session cookie which is essential for the application and contains no identifiable information unless they decide to change themes or languages, etc. This means there isn't a need for pop-ups, overlays, banners, swooshing nag panels or any other of the head slappingly stupid suggestions the ICO offer.
When you log in, you make the user aware that doing so will set cookies and there is a link to the cookie policy. Same when registering.
At the bottom of the board there is a message "This site uses cookies: Cookie policy". Upon clicking this you're taken to a description of every cookie IP.Board will try and set along with a 'show contents' button if the cookie is set so you can review what is stored.
This barely scrapes in above the bare minimum needed to comply but lets be honest. The internet is a massive place and there are millions of websites. The EU law is almost impossible to police let alone effectively punish offenders. In addition, the ICO has said that it will not target sites that make an effort and have a clear cookie policy. Indeed, almost all the cookies IP.Board sets are exempt and contain zero tracking data and aren't shared with other sites so our software is very low risk.
My hope is that either the EU forces browsers to implement something or the whole thing is discarded as unworkable.
I agree that it's all really dumb but as a software vendor we have a responsibly to ensure our software complies with these things.
I've done a lot of research into this and there are many exemptions where you don't have to ask for opt in permission and that's when the cookie is used in such a way that makes it vital to the application.
Really this is a browser level problem and it's utterly ridiculous to expect internet apps to 'fix' this but there you are. At some point browsers will have to include these rules and we can stop messing about with pointless javascript.
However, here's what I've done for IP.Board
Guests only get served a session cookie which is essential for the application and contains no identifiable information unless they decide to change themes or languages, etc. This means there isn't a need for pop-ups, overlays, banners, swooshing nag panels or any other of the head slappingly stupid suggestions the ICO offer.
When you log in, you make the user aware that doing so will set cookies and there is a link to the cookie policy. Same when registering.
At the bottom of the board there is a message "This site uses cookies: Cookie policy". Upon clicking this you're taken to a description of every cookie IP.Board will try and set along with a 'show contents' button if the cookie is set so you can review what is stored.
This barely scrapes in above the bare minimum needed to comply but lets be honest. The internet is a massive place and there are millions of websites. The EU law is almost impossible to police let alone effectively punish offenders. In addition, the ICO has said that it will not target sites that make an effort and have a clear cookie policy. Indeed, almost all the cookies IP.Board sets are exempt and contain zero tracking data and aren't shared with other sites so our software is very low risk.
My hope is that either the EU forces browsers to implement something or the whole thing is discarded as unworkable.
