[Wolves] Help me test my vegan recipes web-site, please

[Chris Ellis]

Hi

> From: wolves-bounces at mailman.lug.org.uk [wolves-bounces at mailman.lug.org.uk] on behalf of Keith Edmunds [kae at midnighthax.com]
> Sent: 17 July 2012 19:54
> To: wolves at mailman.lug.org.uk
> Subject: Re: [Wolves] Help me test my vegan recipes web-site, please
>
> [Hi Andy]
>
>> Because of the 'cookie law' it's now illegal to just drop cookies for
>> state tracking, so I decided to avoid them entirely for non-logged in
>> users.
>
> I can understand that conclusion, but that's not the law as I understand
> it (not that it's easily understood, mind). According to the Information
> Commissioner's Office, "Some cookies can be exempted from informed consent
> under certain conditions if they are not used for additional purposes.
> These cookies include cookies used to keep track of a user’s input when
> filling online forms or as a shopping card, also known as session-id
> cookies, multimedia player session cookies and user interface
> customisation cookies, eg language preference cookies to remember the
> language selected by the user."
>
> That's taken from
> http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx
>
>
> Yes, I read a lot on that site, but it also says that exemption is a grey area, and re-iterates that you can't just say they are essential - there's a legal definition of that and it's not necessarily waht you'd expect.
>
> Andy D'Arcy Jewell
> SysMicro Linux Support

It was my interpretation from the guidance provided by the ICO, when
the law first enter stature last year.

That session cookies are fine.  The law permits cookies for what is
'strictly necessary' for the operation
of the website.  As such cookies which are used to maintain a session
can be sent without any permission
being required.

Additionally, if there is a specific call to action, where the user
has preformed a specific action, which need
to place a cookie for functional reasons, that is fine. IE: asking to
discover a users location to provide them
with tailored information.

What is not fine (and I agree with) is placing of cookies which have
the purpose of tracking a users activity.
IE, don't use Google Analytics or any advertising.

It is the responsibility of the website operator, for what their site
does.  You cannot hide behind the fact you
just use Google Analytics, ultimately you chose to use it.

You also cannot bury in your sites T&C's that you are using tracking
cookies, it has to be a positive action
agreeing to it.

Also, note the law is written not to be specific about cookies.  It is
storing data on an end user terminal,
so you can't say use caching to get around it.


This is the stance I take on my websites.

Chris