Slashdot Mirror
"Breathtakingly Stupid" EU Cookie Law Passes
Reader whencanistop writes with some details on an upcoming EU law that slipped under the radar as it was part of the package containing the "three strikes" provision, which attracted all the attention and criticism. "A couple of weeks ago we discussed the EU cookie proposal, which has now been passed into law. While the original story broke on the Out-law blog from a law perspective ('so breathtakingly stupid that the normally law-abiding business may be tempted to bend the rules to breaking point'), there has now been followup from a couple of industry insiders. Aurelie Pols of the Web Analytics Association has blogged on how this will affect websites that want to monitor what people are looking at on their sites, while eConsultancy has blogged on how this will impact the affiliate industry. In all of this the general public is being ignored — the people who, if the law is actually implemented, will have to proceed through ridiculous screens of text every time they access a website. I know most of you guys hate cookies in general, but they are vital for websites to know how people are accessing the sites so they can work out how to improve the experience for the user."
Maybe it's a bit harsh. But so are the abuses of cookies.
Cookies are used to keep a shopping cart. That out-law.com article spells that out. Cookies are used to track logins on forum sites. There might be an implied consent, there. But to be sure, just ask for consent when users register. Previously registered users would be directed to the consent request page once the next time they try to login. Explain that the consent is for the cookie used keep their login state. Explain that without consent, the login process cannot be completed and the user would be limited to the access level of a non-logged-in user.
Now, what else are cookies used for, that consent should not need to be given for?
now we need to go OSS in diesel cars
I don't see the problem at all.
If you are running an Amazon affiliate program you should have no problem telling your users that by clicking on the link to the product you are recommending that you get a portion of the sale. If you can't admit to that, then you aren't being honest with your users.
Likewise with Google Analytics. What's wrong with telling your users that you want to track how they access your site so you can improve it? Oh, there's the little bit about letting Google build up a profile on you. Well maybe someone will come up with an Analytics system that doesn't have a big brother behind the scenes.
... is to an old slashdot story which even says the initial write up is wrong and it has a link to a yahoo story which no longer exists. Come on guys , I know this is slashdot but try a little feckin harder for gods sake.
If you're site is using cookies, no problem - this directive isn't going to affect you. If you're site loads third party cookies then this is what this law is addressing. There are legitimate uses for third party cookies, and your users will have no problem recognising and understanding those uses and probably consenting to the cookie. I'm guessing you're only going to be concerned if you're loading some advertising, affiliate stuff that you'd rather the user didn't know about. And check your logs - all those none IE visitors can already disable third party cookies easily in the browser preferences. If you're site, or revenue relies on using technology from the 90's then the EU is the least of your problems...