Cookie laws
Andrew Eddie
I'm not familiar with the legalities but is there anything we need to
be preparing for (or lobbying as the case may be) regarding changes to
cookie laws?
Regards,
Andrew Eddie
http://learn.theartofjoomla.com - training videos for Joomla 1.6 developers
JM Simonet
cookies, not the kind we use for Joomla.
I.e. lang preferences, etc. are OK
The issue is the gathering of infos for advertising purposes.
This concerns entitites like Google, Facebook, AOL, Yahoo, etc.
Basically, it seems this law is targeting at the "remanent" cookies
and not the "session" cookies.
JM
>--
>You received this message because you are subscribed to the Google
>Groups "Joomla! CMS Development" group.
>To post to this group, send an email to joomla-...@googlegroups.com.
>To unsubscribe from this group, send email to
>joomla-dev-cm...@googlegroups.com.
>For more options, visit this group at
>http://groups.google.com/group/joomla-dev-cms?hl=en-GB.
--
>Please keep the Subject wording in your answers
This e-mail and any attachments may be confidential. You must not
disclose or use the information contained in this e-mail if you are
not the
intended recipient. If you have received this e-mail in error, please
notify us immediately and delete the e-mail and all copies.
-----------------------------------------------------------
Jean-Marie Simonet / infograf768
Joomla Leadership Team - Production Working group
Joomla! Translation Coordination Team
Michael Hamanaka
As far as i know this does concern only the "Do Not Track" part of cookies, not the kind we use for Joomla.
I.e. lang preferences, etc. are OK
The issue is the gathering of infos for advertising purposes.
This concerns entitites like Google, Facebook, AOL, Yahoo, etc.
Basically, it seems this law is targeting at the "remanent" cookies and not the "session" cookies.
JM
--
You received this message because you are subscribed to the Google Groups "Joomla! CMS Development" group.
To post to this group, send an email to joomla-...@googlegroups.com.
To unsubscribe from this group, send email to joomla-dev-cm...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/joomla-dev-cms?hl=en-GB.
Micheas Herman
session cookies to be ssl only by default.
The only widely used browser that does not support SNI (server name
identifier, which allows more than one ssl certificate on a single IP
address) is IE on windows XP.
At least putting a red warning sign that your login and sessions are
not secure would be a good step in the right direction.
I have not fully thought through the implementation, but being as
firefox, chrome, and safari on XP, and the Microsoft sanctioned
solution of upgrading to vista or w7 and running IE on that are all
viable workarounds to the IE XP issue, and that firesheep is going to
grow more robust over time, it would seem like this could be a way of
making a lot of websites a lot more secure.
brian teeman
ssnobben
On 26 Maj, 03:13, Michael Hamanaka <haman...@gmail.com> wrote:
> It is certainly an issue to be aware of in a community like this and for
> some periodic updates of knowledge from both sides of the argument.
> Possibly some innovations can be thought of and adopted as some
> users/governments will want to have more choices when it comes to privacy on
> every website, almost the same as the way some people want to have the font
> appear bigger or smaller, or their preferred language ;) It could be
> good for websites to have frontend exposed controls for privacy management
> that is related to just that site, but my friend, I would have to track
> that choice of yours in a cookie!
>
> Mike Hamanaka
> Website Production
> Vertualize.com
> > As far as i know this does concern only the "Do Not Track" part of cookies,
> > not the kind we use for Joomla.
> > I.e. lang preferences, etc. are OK
> > The issue is the gathering of infos for advertising purposes.
> > This concerns entitites like Google, Facebook, AOL, Yahoo, etc.
> > Basically, it seems this law is targeting at the "remanent" cookies and not
> > the "session" cookies.
> > JM
>
> > http://www.bbc.co.uk/news/technology-13541250
>
> >> I'm not familiar with the legalities but is there anything we need to
> >> be preparing for (or lobbying as the case may be) regarding changes to
> >> cookie laws?
>
> >> Regards,
> >> Andrew Eddie
Andrew Eddie
I think there are things we can do in the core distro to raise
awareness, like ensure that we have a good sample "privacy" page that
people can use in their own sites (possibly even part of the default
install without sample data). We could also do things like add an
optional message to the login module/page that also explicitly links
to an explanatory page.
However, I think the biggest potential problem lies in the extension
community where they are bolting onto a web service that uses 3rd
party cookies which trigger such legislation.
Regards,
Andrew Eddie
http://learn.theartofjoomla.com - training videos for Joomla 1.6 developers
brian teeman
my...@yalefamily.com
Sent on the Sprint® Now Network from my BlackBerry®
elin
Privacy policies should disclose that a site uses cookies, which can be like that used on joomla.org
Cookies are used to store visitors' preferences and record past activity. The core of Joomla! does not share cookie information with any third parties. Your browser has options that will allow you to clear and block cookies, but doing so may impact your experiences on this site.
Your IP address may be recorded as part of use of the contact form and in the collection of statistics about site use.
Should you choose to register on this site your name and email address will be stored. If you wish to remove your account contact the site administrator.
We really, really need to deal with that last point more appropriately in the core.
Elin
brian teeman
elin
I think there are things we can do in the core distro to raise
awareness, like ensure that we have a good sample "privacy" page that
people can use in their own sites (possibly even part of the default
install without sample data). We could also do things like add an
optional message to the login module/page that also explicitly links
to an explanatory page.
brian teeman
elin
How to comply with the UK's current law on cookies
We recommend that if your website uses cookies, you should:
- include a link to your privacy policy on all pages;
- explain in that policy how and why you use cookies; and
- include a link in your policy to www.aboutcookies.org so that your visitors can access instructions on deleting and controlling cookies.
"Member States shall ensure that the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia about the purposes of the processing. This shall not prevent any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service."
Consequently some cookies do not need users' consent, because they are necessary to fulfil the user's request. That will cover, for example, the use of cookies to remember the contents of a user's shopping cart as the user moves through several pages on a website. Other cookies, including those used to count visitors to a site and those used to serve advertising, will require consent.
brian teeman
Jennifer Marriott
It is an important discussion to be had, and hopefully we should all be mindful that allowing everyone a chance to discuss and share their knowledge is essential to solution building. Due to your comment about being off-topic, I really hope you aren't insisting that the only regulations to be considered are Britain's new regulations. There are changes being brought up and thought about in the US also. It is a global issue. I think that the decisions that are going to be made are not going to be easy ones, nor satisfy everyone, but I am sure it will give everyone the flexibility they need to meet the regulations in their country or region and be adaptable as regulations and needs change.
brian teeman
Jennifer Marriott
brian teeman
Jennifer Marriott
Mark Yale
Hello all
Please help me make sure I am on the right track here on the topic and history, of cookies
1 they collect data from the browser
2 we can now clear the cookies from our browsers
3 they sit on our pc harddrives
4 they contain the site location user id and pw for each site within the specific browser used?
K let me stop there for a moment if there is more please list like above (thanks)
With that said it is the individual that has the option of deleting the cookies themselves
If I am correct on this NOW then this is a privacy awareness to an admin/user of joomla core/extensions used
Now also the privacy issues extends a bit further than that as I use the community builder (free version) and love the power and settings tool (something the basic core does NOT HAVE
(creating profile tabs / fields and requiring the fields to me filled in….
To me one of the reasons I AM USING JOOMLA and even the Community Builder are these:
1 I can force a registration for someone to View my site (parts or all)
2 with Cb I can hide some profile features to just the member themselves
Something that just occurred to me and am wondering, can a Generic Paragraph be written about what cookies do and how they work build it into the Joomla Core and add it in the Admin BACKEND maybe in the site config settings to allow admins to decide if they want to show that written paragraph for people WHO REGISTER onto the joomla site that is created by someone. Just like the e mail verification, make there be a way where as a user registers they MUST CHECK a box (like some forums) before they can continue to register onto the site acknowledging they have read the awareness paragraph.. (make it printable for the user to) even build it into a faq system.. but as a user Checks this box stating they have read the paragraph, allow it to be kept into a dbase log that can be exported through joomla in a crv file (this will protect the admins of the site to) from those who say they didn’t read the paragraph.
I think this paragraph will help those with the current discussion on the cookie laws whether it be global or USA or EU
In doing this I think that would make it easier to create awareness to each user that joins ANY JOOMLA CREATED SITE.. if joomla is created to not allow cookies then that could be added with the awareness paragraph or have it up to an admin to decide if they want their site to do even a form of tracking where a visitor comes from (search engine or a link from another site and what browser they are using)
The 2 basic things as an admin I want to know is where the person came from (search engine, facebook ad, or facebook group or even a link from another site even an e mail list (subscribe unsubscribe) I also want to know the browser and version they use….. because then I can ask if they are viewing my site the way I have it set up and designed (with a template)
I know this seems like a lot
(please don’t take the caps as yelling, I am using them to point out areas of my thinking)
This can be food for thought
Thanks all
Mark
From: joomla-...@googlegroups.com [mailto:joomla-...@googlegroups.com] On Behalf Of Jennifer Marriott
Sent: Thursday, May 26, 2011 10:52 PM
To: joomla-...@googlegroups.com
Subject: Re: Cookie laws
I think if you read Elin's response Brian you will see that she agrees that we, Joomla, have important issues to discuss regarding these new regulations, and not only regarding Britain's new regulations, but new regulations regarding privacy, tracking and other personal data security that most likely are going to be changing and adapting all over the world in the near future.
It is an important discussion to be had, and hopefully we should all be mindful that allowing everyone a chance to discuss and share their knowledge is essential to solution building. Due to your comment about being off-topic, I really hope you aren't insisting that the only regulations to be considered are Britain's new regulations. There are changes being brought up and thought about in the US also. It is a global issue. I think that the decisions that are going to be made are not going to be easy ones, nor satisfy everyone, but I am sure it will give everyone the flexibility they need to meet the regulations in their country or region and be adaptable as regulations and needs change.
--
elin
Proceedings for compensation for failure to comply with requirements of the Regulations
30.—(1) A person who suffers damage by reason of any contravention of any of the requirements of these Regulations by any other person shall be entitled to bring proceedings for compensation from that other person for that damage.
(2) In proceedings brought against a person by virtue of this regulation it shall be a defence to prove that he had taken such care as in all the circumstances was reasonably required to comply with the relevant requirement.
(3) The provisions of this regulation are without prejudice to those of regulation 31.
