Cookie law makes most UK websites illegal (£500k fine for schools)

[InterwebsGuy]

Just looking at our moodle, the only cookies are the standard session and moodleid. Is it sufficient to put a sort of disclaimer on the site explaining what the cookies do?

Those are okay.
Session Cookies and Cookies that are crucial to the operation of the site are allowed without consent.

[InterwebsGuy]

Has anyone tried cPrompt?

Looks pretty good to me. Should work well enough if JS is disabled too, as it shouldn't execute anything within the IF statements.

I will have a play with this later.

[Gatt]

Has anyone tried cPrompt?

Looks good - it's getting it to work with the likes of WordPress in a way that doesn't screw up the entire site...

[beeswax]

Looks pretty good to me. Should work well enough if JS is disabled too, as it shouldn't execute anything within the IF statements.

I will have a play with this later.

I'm trying to configure this to work with a Joomla site, but not being a programmer I'm struggling. I would greatly appreciate any help and/or advice offered.

[elsiegee40]

BBC News - Cookies: Majority of government sites to miss deadline

Well that's all right then!

[Arthur]

ICO: no fines for breaking cookie rules « PC Pro

[mpe]

Personally, I am of the opinion it's the likes of Google and the other big boys that actually track you across multiple web sites when using Analytic's, Social Plugins or whatever that need to play ball. Just because you choose to have a Facebook Likey button on your pages doesn't mean they have the right to track your visitors browsing habits. As I have said previously, these are the guys that need to set-up a section on their websites that allow you to opt out of all Google Ad/Analytical (..) tracking, and as a result, your wishes should be then applied to millions of other websites.

Given where these companies are based they are likely to just ignore this. About the only thing likely to make them take any notice would be European arrest warrants for their directors together with any assets within the EU being seized. Very little chance of that happening. If it did then the most "Euro friendly" British Government possible would probably be too concerned about upsetting Washington.

[Jamman960]

I've just added a cookie policy to the bottom of the Drupal template page, I expect they'll issue warnings before going ahead with fines either way.

[gshaw]

According to the ICC document I've just read it seems we'll be OK with a cookies policy as ours fall into either category 1 (functional cookies i.e. site won't work without them for Moodle) or category 2 (Google Analytics)

[Marci]

There isn't really a dropin solution where you can simply add code to each page of your site to resolve cookie compliance. Those using CookieControl with Wordpress for instance - you NEED to know PHP / Javascript so that you can modify functions in the code throughout your site (inc any plugins used) so that those cookies are only created on the correct callback. CookieControl provides the framework to do this - the popup, and the necessary callback functions based on the user's response. You then have to trigger the functions that set cookies from within the cookiecontrol callbacks.

In the case of moodle installations - one presumes it's staff, students and parents who can actually log in to it, not members of the public. Cookies are only created once logged in. Just amend the login page of your moodle install to state that by logging in to this system you accept the necessity for cookies to be placed, and if folks don't agree, don't log in. You can't accidentally land on a Moodle page and have cookies created.

[sdc]

Anyone know how the BBC has implemented their cookie 'warning'? It's a great idea - a subtle banner, that's actually part of the webpage (I think) that only shows once - and only allows you to 'Continue' or 'Find out more'. No option to say no, but it does give you the opportunity to 'change your cookie settings'. This looks like an elegant solution to me; if only we could figure out how it was done....!

[JJonas]

It's a great idea - a subtle banner, that's actually part of the webpage (I think) that only shows once

It probably set a cookie for that

[InterwebsGuy]

Anyone know how the BBC has implemented their cookie 'warning'? It's a great idea - a subtle banner, that's actually part of the webpage (I think) that only shows once - and only allows you to 'Continue' or 'Find out more'. No option to say no, but it does give you the opportunity to 'change your cookie settings'. This looks like an elegant solution to me; if only we could figure out how it was done....!

It won't be rocket science and won't work much differently to any of these CMS plug-ins that have been linked above.

It will be mealy a little JavaScript to trigger some layers and styling with the message at the top. If the user opts out (or whatever) a Cookie will be set with their preference. The JS will check for the presence of this Cookie on each request and act as required. If there is no Cookie, the consent pop up will appear. As Marci alludes to above, the JavaScript will carry out further action, by including if consent has been granted, any code that is likely to set tracking Cookies - such as Analytics's, Ads, Social Sharing etc.

I haven't had a good nosey at their solution, but all these things are likely to work the same. If you know what sets a Cookie that needs consent on your website, these things are quite easy to implement. You will probably need some understanding of JavaScript to implement these checks/plug-ins, however.

[InterwebsGuy]

It probably set a cookie for that

No doubt about it - there is no other way it can really track your consent preference. It will be tricky to store it in a database as it will be difficult to identify you and your device again - though seemingly not impossible!

[JJonas]

Just found Ghostery which is handy for showing up trackers

Ghostery