European Electronic Communications Framework Compliance

[abernyte]

May I draw your keen legal mind to the report to the EU-US Justice and Home Affairs Ministerial Troika Meeting (of 28 October 2009), with agreed principles which would apply to information exchanges for law enforcement purposes between the EU and USA.
The agreed principles are as follows:
Purpose Specification/Purpose Limitation;
Integrity/Data Quality;
Relevant and Necessary/Proportionality;
Information Security;
Special Categories of Personal Information (sensitive data);
Accountability;
Independent and Effective Oversight - in order to maintain accountability;
Individual Access and Rectification;
Transparency and Notice;
Redress
Automated Individual Decisions - "Decisions producing significant adverse actions concerning the relevant interests of the individual may not be based solely on the automated processing of personal information without human involvement unless provided for by domestic law and with appropriate safeguards in place, including the possibility to obtain human intervention";
Restrictions on Onward Transfers to Third Countries.

The mechanism is already agreed for action, but as I have already said the likelihood is remote. However if someone in the US with a US server was to piss off the EU sufficiently: http://en.wikipedia.org/wiki/European_U ... ition_case
http://news.yahoo.com/eu-gives-google-w ... nance.html
then who knows where it might lead.

[MoonfireArt]

Yes, I was aware of this, but agreed principles to not make a treaty and, so far as I am aware, such a treaty was never signed.

Both of those companies that you mention (Microsoft and Google), either operate storefronts or servers on european soil, which grants the EU Jurisdiction.

I was speaking of a case where there is no physical presence whatsoever in the EU, to which Jurisdiction would not attach. It is similar to what china did in blocking certain websites. They could not force those websites to shut down, because they were not on chinese soil, but could block the signal from those websites from entering their country.

That would be an option that the EU could pursue in the instance I specified above, but would quickly grow costly for them to do.

Again, I will look into the matter further, and I am NOT saying that I am absolutely right (though I am fairly sure). I can be wrong. It HAS been known to happen...

[MoonfireArt]

http://blog.silktide.com/2011/05/cookie ... d-to-know/
http://silktide.com/cookielaw

Quoted from the second link (and several other places I have checked)

The location of your hosting is irrelevant, but the location of your organisation is not. Your organisation must fall within the legal jurisdiction of the EU. Each member state has their own laws, which are based on the same EU directive, but may differ slightly.

For most small/medium organisations, being located in the EU will mean you must comply.

My research continues...

[MoonfireArt]

More supporting articles:
http://techcrunch.com/2011/03/09/stupid ... tone-dead/
http://socialmediaillumination.co.uk/is ... ite-legal/
http://silktide.com/templatefiles/EU%20 ... 0eBook.pdf
http://www.zdnet.com/blog/london/uk-821 ... -know/4910
http://smallbiztrends.com/2012/05/eu-cookie-laws.html

U.S.-based companies with a presence in the European Union, no matter how small, are still liable to E.U. laws, regardless of whether your website or Web application is hosted in the E.U. or elsewhere. Mobile application developers are also subject to the E.U. laws (see below).

In this scenario, while your U.S. website and all other non-E.U. websites are not liable to this law, your dedicated pages for the U.K., Italy, France, Germany, and so on, are all affected. It’s just the U.K. has taken a little longer to get the wheels in motion.

Basically it supports my theory. If your organization is registered outside of the EU, you are not hosted in the EU, and you do not have pages dedicated for EU country use, you are fine. Sometimes I am really grateful I live in the US.

[abernyte]

You are taking legal advice from a website that openly flouts the EU directive?
AddThis
http://s7.addthis.com/js/250/addthis_widget.js
http://s7.addthis.com/js/250/addthis_wi ... 0133841973
more infoDisqus
http://mediacdn.disqus.com/1340045485/b ... m/embed.js
more infoFacebook Connect
http://connect.facebook.net/en_GB/all.js
more infoGoogle Analytics
http://www.google-analytics.com/ga.js
more infoWordpress Stats
http://stats.wordpress.com/e-201225.js

Just read the Directive...it is really quite clear and unambiguous and has been law since 2003. I don't think Neelie Kroes will be overly disturbed by your 4 cookies.

[MoonfireArt]

It doesn't matter what the EU says. They can say I am forbidden to eat dairy on tuesdays, but if they don't have jurisdiction over me, how will they ever enforce it?

I've read the directive, but it honestly doesn't matter if I did or not. As my business is not in the EU, neither are my websites and neither am I, I could care less what it says. It can never apply to me, as they have no jurisdiction whatsoever over me.

[abernyte]

as they have no jurisdiction whatsoever over me

No one contests that.
However liable you are for your actions under EU law as long as you remain out of reach of a court of an EU member state you will be safe. But remember we are only talking about a few cookies here, not a capital offence.

Do you not find it ironic that a measure designed to preserve the freedom and privacy of the individual is being rubbished and mocked by someone hiding within "the land of the free"?
Not for the first time the US shows no great desire to maintain the principles on which your great nation was founded. But there again, the Constitution was drafted by Europeans.

[MoonfireArt]

Freedom and Privacy are all well and good. but remember, if people want to maintain their privacy, simply don't go on the internet. It's that simple.

Website owner's have "freedom" too, to place whatever they want to on their websites. No one is forcing people to visit it.

And not hiding in the "land of the Free", I was born here, my friend. Of course, if the truth be known, the US hasn't been the "land of the free" for years now.

However, this is getting a bit off topic. I would be happy to debate philosophical points in private e-mails, however. The point was, is that not every webmaster is subject to these cookie laws, and thus Joomla (a US based ocmpany, by the way), should not have to bend over backward to comply with it either. There are too many fundamental problems with Joomla that need to be addressed first.

I did have another option. What about an EU-spcific Joomla build, offered for download, that includes a module or plug-in to block the cookies until authorization is given. That way webmasters could be given a choice of what they wish to install.

[Webdongle]

....
Basically it supports my theory. If your organization is registered outside of the EU, you are not hosted in the EU, ....

Nobody said otherwise. This is not about organisations registered outside the EU.

[zeno]

Some interesting articles:

20+ examples of EU cookie law 'compliance'

ICO: implied cookie consent was always valid

Cookies and pop-ups – bad for your health or good in moderation?

[Webdongle]

...
I was speaking of a case where there is no physical presence whatsoever in the EU, to which Jurisdiction would not attach. It is similar to what china did in blocking certain websites. They could not force those websites to shut down, because they were not on chinese soil, but could block the signal from those websites from entering their country.
...

But nobody is disputing that. All you are doing is stating the obvious.

[krneki10]

Hello,

I have just tested all plugins and modules that I've managed to found for Joomla 1.5 but none is able to make EU cookie law adaption, that is to block all cookies unless visitors allow them.

There must be many Joomla users with that problems. What working solutions are available so far? I really have no idea what else to do .

[stutteringp0et]

You could upgrade to a supported version of Joomla and test again...

[krneki10]

I have already thought about that, but unfortunately I still use VirtueMart 1.x and Mynxx template so there would probably be a lot of complications with migration.

Here is official notice: NOTICE: Mynxx is a Joomla 2.5 template. Joomla 1.5 is unsupported but available for download. The Joomla 2.5 version of the Mynxx template does NOT yet contain any additional styling or extensions for VirtueMart. Support will be added in a future update after VirtueMart 2.1 has been released.

I believe I am somehow stuck with 1.5.26