Jump to content
Latest News: (loading..)
andy_1984

Europe Cookie Laws

Recommended Posts

NB - I am not a lawyer!!

 

This is a minefield. The ICO have given everyone a get out clause allowing implied consent, but then imply that they would ideally want implicit consent if you are storing any personal data. They give an example of this data as being health records, or presumably the like - I would say storage of an email address is enough to put you into the danger zone.

 

Now examples aside, it would seem to me that you need to consider if the storage of personal data on your site requires that the customer needs to accept your terms and conditions of use ... I would say yes it does even though the ICO give this advice:

 

"The Regulations specify that service providers should not have to provide the information and obtain consent where that device is to be used:

  • for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network; or
  • where such storage or access is strictly necessary to provide an information society service requested by the subscriber or user."

Reason being that the data is not always strictly necessary to complete the users request on the site they are viewing. For example, if they sign up to buy something, then their address is necessary for shipping, but their telephone number may not be even though you have actually taken that for completeness.

 

To avoid any messy popups that make the user simply deny your cookie because they are not aware of what they are being asked to do:

implied consent means that you could have a tag or button in a prominent place on EVERY page allowing the user to view your privacy and cookie notices should they want to like several people have suggested - this would not necessarily detract from the look or feel of the site in any way. However, as soon as they sign up to your site they are providing personal information directly to your database, so you need implicit consent for the setting of cookies - which is ridiculous as in actual fact they are giving you the data with the knowledge that it will be stored and they have already given you implied consent to set cookies - anyway, then you will likely need them to tick a box that they agree to the privacy policies of the site, which again isn't unusual so won't detract from the users experience in any way.

 

Just a note about the requirement of websites to adhere to this law. Again, my opinion only. This law applies to people or businesses running/owning sites that serve the EU - so amazon does or doesn't need to adhere to it ?? The law is to protect the EU citizens, and they are applying it to all businesses that they have direct legal recourse over, but international businesses have been successfully prosecuted under EU law when they are serving EU customers. So, even though amazon are literally operating from tax havens technically outside the EU, they are serving content that involve EU businesses and the affected public. Likewise for any international seller such as Apple, Microsoft, etc. So if your business is located in the USA for example, but you are serving EU clients, then this could mean you too. Additionally, it could be perceived that secondary servers based in the EU are technically affected when they are serving content to the EU as regulations would apply through the 3rd party.

 

The bottom line is control. In my opinion, this law is ridiculous. It puts the owness on legitimate businesses to clean up the act of non-ligitimate businesses. Notwithstanding illegal entry/access, the protection of ones own personal property is literally one's own responsibility. If you trawl the internet via your computer and get viruses etc as a result, then you were responsible for protecting yourself in the first place. If you sign up for services without first reading the terms and conditions of the seller or information provider, then you are at fault. Your use of a search engine is reliant on you reading its terms and conditions of use. If you enter someone's premises, including their website, then you are agreeing that they can serve you within those premises and if that means they can use surveillance cameras to do that within their property, then so be it - a cookie is only a surveillance camera really, tracking your visit (again, notwithstanding those that are for other illegal uses). The point is that the illegal businesses will apply this in time and accurately if it means they will lose money - or they don't need to because they access the users computer in a different way. Just another example of our ineffective intrusive governments. Rant over

Share this post


Link to post
Share on other sites

Reading your post, I think you may be confusing cookies with personal data.

 

The cookies regulation relates to cookies you place on the visitors computer, be they site cookies, analytics cookies, advertising cookies etc.

 

The personal data a user adds to your database, such as phone, email, name, address etc is not covered by the cookie law - this has plenty of other laws surrounding it under the blanket of Data Protection.

 

Thanks


Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Share this post


Link to post
Share on other sites

Session cookies are ok, though. Yes? It's just tracking cookies that are the aim of the new law as used by Google Analytics and Adsense. Yes?

 

TJ

Share this post


Link to post
Share on other sites

Basically, if you need a cookie for the normal running of a store, then they will be ok. This does include the oscid as it is required for correct running of the store. What is not esential are any other cookies that may be used that are not required for running of the store, such as google cookies, and those used by things like facebook like buttons.

 

The ICO are not sure of how this law will be upheld and policed, which makes it a stupid law in may peoples eyes. At the moment as long as you are seen to be doing something relating to this law, you should be ok. There are sites which can be found by searching for eu cookie law that have other ways of dealing with this. You should really add details of all the cookies used by your store into your privacy policy. There are sites that wil check for cookies and let you know what they are. You also have to link to your privacy policy page using a clear easily to find link. You can also add text to the header or footer of your site explaining that your site uses cookies and link to your privacy policy.

 

The easiest way is to see what others are doing on their sites and try to come up with something similar, without copying.


REMEMBER BACKUP, BACKUP AND BACKUP

Before installing the official version of oscommerce first look at a responsive version here

I have not failed. I've just found thousands of ways that won't work.

Share this post


Link to post
Share on other sites

Hi Steve

 

I have prepared a cookie statement for the footer of the index page (only if preferable). Could you show me where I should place it in the code? I don't want to mess up the existing code.

 

Thanks

 

TJ

Share this post


Link to post
Share on other sites

No real code to mess up in the footer file. Put the code where you like as long as it is not in a div that is used for something else.

 

I would put it after

<div class="grid_24" style="text-align: center; padding-bottom: 20px;">

<?php echo tep_display_banner('static', $banner); ?>

</div>

 

If you put your code in a div, you could add your own styling to it to make it stand out from the footer using css.


REMEMBER BACKUP, BACKUP AND BACKUP

Before installing the official version of oscommerce first look at a responsive version here

I have not failed. I've just found thousands of ways that won't work.

Share this post


Link to post
Share on other sites

Thanks Steve. In the end, I went for the main text in the index.php page as this only shows on the one intro page. Works fine for me.

 

Cheers

 

TJ

Share this post


Link to post
Share on other sites

Are you considering those people that will come to your site from a search engine and may not see the front page. Thats why it sould be on every page.


REMEMBER BACKUP, BACKUP AND BACKUP

Before installing the official version of oscommerce first look at a responsive version here

I have not failed. I've just found thousands of ways that won't work.

Share this post


Link to post
Share on other sites

Try this which is what i use on all my sites.

 

http://www.civicuk.com/cookie-law/index

 

you can have it so that it just informs them that your site uses non intrusive cookies and that the cookies you use are for site functionality only.

 

It is on every page also.

 

According to the rules if your site requires cookies for the basic functionality of the site then the simple inform rule can apply. OSC uses a cookie that is required for site functionality. If you use google analytics then you must have an opt in function which this also covers..

 

Anyways, best way is to have a look.

 

Works perfectly.

Share this post


Link to post
Share on other sites

I found a nice implementation of cookie laws on the belgian federal commerce government site that deals with commercial regulation, so I'm guessing what they have done is best practice ...

 

http://economie.fgov.be/nl/global/disclaimer/cookiesprivacy/#.U776sUAUee4

 

if it shows in dutch, top left you have language switches

 

I was thinking these different sections would be nice content modules in the oscommerce world ...


KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since i coded my responsive version earlier, but i have bought every 28d of code package to support burts effort and keep this forum alive (albeit more like on life support).

So if you are still here ? What are you waiting for ?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Share this post


Link to post
Share on other sites

i have found something jquery based which will handle google analytics (opt in / out) and on my test site it works rather nicely, so i should be able to upload to the addons within half an hour - in case anyone else needs it

Share this post


Link to post
Share on other sites

i did google and "booooooooooom" very fast (on first page) i get an answer. Here: http://addons.oscommerce.com/info/9013


  • The clever one learn from everything and from everybody
  • The normal one learn from his experience
  • The silly one knows everything better

[socrates, 412 before Christ]

Computers help us with the problems we wouldn't have without them!
99.9% of the bugs sit in front of the computer!
My programmed add-ons: WDW EasyTabs 1.0.3, WDW Facebook Like 1.0.0

if(isset($this) || !isset($this)){ // that's the question...

 

Share this post


Link to post
Share on other sites

@@joe122joe

 

Just make sure that you also alter your privacy policy and cookie policy to comply with the legal requirements also. They can also be found by searching using something like google - other search engines are available.

 

There are also regulations regarding what you can and cant do on your website and what text has to be on certain buttons on the checkout pages. The more you dig into EU regulations the more you will find that you need to do.

 

The EU also regulates your return policy so that ought to be compliant also.

Edited by 14steve14

REMEMBER BACKUP, BACKUP AND BACKUP

Before installing the official version of oscommerce first look at a responsive version here

I have not failed. I've just found thousands of ways that won't work.

Share this post


Link to post
Share on other sites

@@joe122joe

 

I've updated this addon to work with osCommerce 2.34BS Gold and Edge (or more accurately, I backported the osC 2.4 module to work with 2.34BS)

 

Just upload, install, and go http://addons.oscommerce.com/info/9013


Let's make things easier for new osCommerce users http://forums.oscommerce.com/topic/402638-discussion-about-hard-coded-database-tables/?p=1718900  Getting there with osCommerce 2.4! :thumbsup:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×