On Thursday the EU law(which the uk has passed verbatum) regarding cookies comes into effect.

From my reading of it, any site that has among other things google analyitics present on it, will need to inform the user that cookies are present on the site, refer them to the sites privacy policy and make them explicitly opt in so that 3rd party cookies(as in if you have a shopping cart that is fair enough but advertising etc isn't) are allowed to farm data.

Its ridiculous quite frankly.

Anyone got a decent solution as to how to do this.

I'm thinking a php script that disables all cookies on the page unless they opt in(and once they have opted in is never seen again) if that is doable, if not then just chucks them to say google.com until such time as they opt in.

Anyone got or seen anything that does this? or give me a starting point as to what to google for. I really don't know where to start,

Have i mentioned its ridiculous yet?

dave

Is your site one that people have to "sign in" to? If so, why not just build the consent into the standard terms and conditions that one must agree to in order to create an account?
If it's a public site and does not require users to sign in, it's a little more difficult. You could remember the consent setting in a cookie :-)

Is your site one that people have to "sign in" to? If so, why not just build the consent into the standard terms and conditions that one must agree to in order to create an account?
If it's a public site and does not require users to sign in, it's a little more difficult. You could remember the consent setting in a cookie :-)

No unfortunately you can view the site without having to sign in. We have changed all our privicy statements and terms and conditions but are not convinced it will be enough.

The remembering whats was said in a cookie isn't a difficult issue to get round the hard part(ie bit well beyond my ability) is a system where by the user isn't allowed onto the site without accepting the cookie settings or preferably turning off all the 3rd party cookies(mainly google) on the page if they do not accept the cookie settings.

This law is so half arsed and ill thought out it is unbelievable.

dave

I'm not in Europe so I don't know the law, but from the article it sounded more like the issue was around third party cookies only, and that cookies that only get transmitted to the issuing site for the purposes of allowing the site to function, is allowed. But I could be wrong.

I'm not in Europe so I don't know the law, but from the article it sounded more like the issue was around third party cookies only, and that cookies that only get transmitted to the issuing site for the purposes of allowing the site to function, is allowed. But I could be wrong.

yeah that is about right. The main problem will be google analitics code. Google's amazing advice is to move our hosting out of europe, which is really helpful.

dave

You may want to look at out-law.com in the cookies section. It is said there that it is allowed to get consent after the cookie is already in use.

I think, until the gov clearly state their policy, no one will actually change anything and rely on browser settings.