The Joomla! Forum ™



Posted: Thu Jul 28, 2011 7:44 am
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
It applies to all sites that are hosted within the jurisdiction of a EU member country's legal system or to any site which does significant business in or specifically targets consumers or users within the EU, regardless of where they are hosted.
http://www.gtlaw.com/NewsEvents/Publica ... ind=150935
I have no idea how enforcement action might be taken on the last part of that, although a mechanism does exist for sites hosted in the USA although not specifically for this purpose.

_________________
A pretty business indeed for a man to be allowed eight hundred thousand sterling a year and worshipped into the bargain! Of more worth is one honest man to society...than all the crowned ruffians that ever lived. Paine 1776


Posted: Thu Jul 28, 2011 11:32 am
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11706
Location: The Girly Side of Joomla in Sussex
Bearing the enclosed paragraph from your quoted link
Quote:
The amended Directive now states that a cookie can be stored on a user’s computer, or accessed from that computer, only if the user “has given his or her consent, having been provided with clear and comprehensive information.” It still contains an exception if the cookie is “strictly necessary” for the provision of a service “explicitly requested” by the user. Thus, cookies can take a user from a page listing goods or services for sale to an online checkout page without the need for consent.
Likewise, cookies needed for technical or security reasons are still permitted without consent.
Other types of cookies — such as those used for advertising — will require prior consent. The implications for cookies used by web analytics services to evaluate anonymous clickstream data, such as Google Analytics, are less clear.


I think that what is unclear is this affects non business/trading sites, eg "John, Jilly and baby Juju family page at some ISPpages", or a local community group online forum.

I'm tempted to replicate my 1.5 sites into a straight php landing page with an alert on all links to the main site with a forced index.php redirect for absolute urls.

_________________
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security Moderator}


Last edited by mandville on Thu Jul 28, 2011 12:47 pm, edited 1 time in total.

Posted: Thu Jul 28, 2011 12:13 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
mandville wrote:
I think that what is unclear is this affects non business/trading sites, eg "John, Jilly and baby Juju family page at some ISPpages", or a local community group online forum.


I agree there is a general assumption that this is only an issue for commercial sites. Insufficient emphasis has been placed on the reality that it encompasses all websites and is not restricted to cookies but all forms of this type of behaviour (web-bugs, Flash objects etc.). The Kookie Grab extension in the JED will be useful for many who need compliance now and your approach may also be a way forward.

The real change will come when behavioural advertising is brought under proper control. This legislation is only Part 1 of what the EU is implementing. Part 2 is still a few years off.

Posted: Thu Jul 28, 2011 2:46 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
mandville wrote:
....
I'm tempted to replicate my 1.5 sites into a straight php landing page with an alert on all links to the main site with a forced index.php redirect for absolute urls.

Having a static html splash page is a good way of doing it for site owners

As for enforcement
Quote:
The government’s view is that there should be a phased approach to the implementation of these changes. In light of this if the ICO were to receive a complaint about a website, we would expect an organisation’s response to set out how they have considered the points above and that they have a realistic plan to achieve compliance. We would handle this sort of response very differently to one from an organisation which decides to avoid making any change to current practice. The key point is that you cannot ignore these rules.
....

http://www.ico.gov.uk/~/media/documents ... ations.pdf

"if the ICO were to receive a complaint about a website" appears to suggest that they will only look at sites they receive complaints about ? Also that so long as the site owner has taken steps to comply (even if full compliance is not attained) that will satisfy them ?

I did read somewhere on their site that they will (if asked) have to reveal the details of the person making the complaint. IMHO they are trying to discourage irresponsible reporting of sites ?

But again I have serious doubts about what teeth they have if they decide to 'go after' a website ?

_________________
http://weblinksonline.co.uk/joomla-faq.html


Posted: Mon Aug 01, 2011 10:19 am
Joomla! Intern

Joined: Sun Oct 22, 2006 2:26 pm
Posts: 96
Hi. This discussion is quite involved, I don't think everyone needs to follow this, but we do need some answers so I wondered if there is an official conclusion on this yet please? In my opinion there are two questions the Joomla community need:

1) Does Joomla and/or its extensions that use Cookies need to implement a request for cookies?
2) What solution needs to be implemented to make this work, if we do need to conform?

If this is not known yet, would anyone know when we can check back or have an official announcement some time before the 1 year extension so we can check back then?

It would be good if there was an official Joomla page devoted to this (a closed topic) that we can just subscribe to for official updates.

Thanks a lot!


Posted: Mon Aug 01, 2011 11:58 am
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
Q1...If you are hosted in the EU then yes, your website needs to obtain explicit consent for any cookie. (Let's leave the Joomla session cookie out of this for now) That is the legal position right now. The one year's grace is a UK only concession on prosecution. This is the responsibility of the site owner and not Joomla.
Q2...Is the solution best provided by Joomla? That question has been asked of the Leadership Team and is being considered. If we bring the session cookie back now, then it is something that Joomla needs to address. There is no white smoke on this for now, of which I am aware, but as it only affects the EU (more or less but that is another complicated discussion) it may not be a priority.

IMHO..I would not anticipate a technical solution via the Joomla core in the short term.

Posted: Mon Aug 01, 2011 12:54 pm
Joomla! Intern

Joined: Sun Oct 22, 2006 2:26 pm
Posts: 96
Hi thanks for the reply... I was hoping for a definitive confirmation, but I think these points still lead to more questions which is..

1) So to confirm.. Joomla DOES NOT need a cookie to function? (some years ago on an older version people with cookies disabled could not login). If it is required then we can use it.

2) This depends I think... if the core system creates the cookie then it is a Joomla core team function, I don't expect Joomla users to hack core files to make it work, which then is overwritten by updates because the core does not include it. Unless a third party extension can be added to override this and give the choice.

I suppose the above questions apply to all Joomla extensions and would be the responsibility of the extension developer to make the statement, and whether a plugin can override their cookies.

Thanks


Posted: Mon Aug 01, 2011 2:52 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
infocom wrote:
..... Unless a third party extension can be added to override this and give the choice.

I suppose the above questions apply to all Joomla extensions and would be the responsibility of the extension developer to make the statement, and whether a plugin can override their cookies.

Thanks

Perhaps search JED to see ?


This link may interest you ? http://ideas.joomla.org/forums/84261-jo ... ?ref=title

Posted: Mon Aug 01, 2011 3:06 pm
Joomla! Intern

Joined: Sun Oct 22, 2006 2:26 pm
Posts: 96
Just this single one for Joomla 1.6
http://extensions.joomla.org/extensions ... aWUiO30%3D


Posted: Mon Aug 01, 2011 3:46 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
Quote:
So to confirm.. Joomla DOES NOT need a cookie to function?


Joomla does indeed need a cookie to function. You cannot register or log in and out a user without a cookie. You can obtain their consent prior to them logging in which is within the regulations.
Joomla, like all php driven sites, also starts a session as soon as you arrive on the site and drops a cookie without any consent. That is not lawful within the regulations and no alterations to date have been made to address that.

Third party extensions which drop cookies can be blocked to obtain consent by the use of the KookieGrab extension in the JED.

It is definitely not the developer's responsibility to obtain the consent, it is the owner of the website. The extension could be used legally outside of the EU so you cannot devolve the responsibility.

Google Analytics and Adsense cookies will be the greatest culprits and it is entirely within the remit of the site owner whether or not to deploy them. If you do...you have to obtain consent prior to dropping the cookie.

Posted: Fri Aug 26, 2011 11:52 am
Joomla! Apprentice

Joined: Mon Aug 31, 2009 4:40 pm
Posts: 10
Location: Stockholm, Sweden
PhilD wrote:
In my experience All versions of Joomla put a cookie in your browser without asking and without having to log in.

Name: fc5d2c8fa69b29a554ebc38b36af918e
Content 585442c7f9eb611a533033d6365f22e5
Host: xxxxxxxx.com
Path /
Send for: Any type of connection
Expires At end of session


So, does anyone know what this "general" Joomla cookie does?

For many Joomla sites, this would be the only cookie. And if it is harmless, the issue will be much easier.


Posted: Fri Aug 26, 2011 12:39 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
As I understand it, and this could be wrong - in which case it will get swiftly stamped on - the initial cookie serves no other purpose other than to issue the user an identifier in anticipation of requiring to store a user preference.
If the user goes on to login, the session is forked and the cookie amended and a new session ID sent to reflect this. Since they are both to the same path the browser should use the second one and ignore the first.
This is not unique to Joomla and is commonly used by php driven CMS.

Posted: Fri Aug 26, 2011 1:09 pm
Joomla! Apprentice

Joined: Mon Aug 31, 2009 4:40 pm
Posts: 10
Location: Stockholm, Sweden
If that is the case, then I think there shouldn't be so much problem with the new law.


Posted: Fri Aug 26, 2011 2:04 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
Why? The offence is setting a cookie without permission not what the cookie does.

Posted: Fri Aug 26, 2011 2:37 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
echo abernyte

Plus I set my Browser to ask before accepting cookies. But that cookie bypasses the Browser setting and ends up on the computer ?

Posted: Fri Aug 26, 2011 3:03 pm
Joomla! Apprentice

Joined: Mon Aug 31, 2009 4:40 pm
Posts: 10
Location: Stockholm, Sweden
abernyte wrote:
Why? The offence is setting a cookie without permission not what the cookie does.


Yes, that's what the new regulations say. But there will certainly be an interpretation based on what the cookie really does.


Posted: Fri Aug 26, 2011 3:45 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
As there is no provision in the Regulation or in the domestic UK legislation for that, I cannot see where a court can find in favour of that view.
Perhaps other EU countries may draft their legislation differently but in that case it is unlikely to satisfy the Commission that the Regulation has been enacted correctly.

Posted: Fri Aug 26, 2011 4:27 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
fredrikk wrote:
....
Yes, that's what the new regulations say. But there will certainly be an interpretation based on what the cookie really does.

I agree with abernyte in that the courts would take the law literally. However (as can be seen by my other posts) methinks the ICO will not chase too hard. And are trying to 'tactfully' say they will use common sense.

Especially as their site does not comply
Quote:
Content Management System cookie

This cookie is set by our Content Management System on a small number of browsers, upon arrival to the ICO site. It is not used by the ICO for any purpose. This cookie is deleted when a user closes their browser.

We have recently become aware of this cookie. We are working with the supplier of our content management system to remove it or, if it can’t be removed, to find another solution.

http://www.ico.gov.uk/Global/privacy_statement.aspx

Interesting to note that cookie is only used by some Browsers.

Also interesting is that http://www.parliament.uk/documents/uplo ... ffices.pdf mentions nothing about obtaining permission.

Also please see

http://ec.europa.eu/justice/policies/pr ... 187_en.pdf
It appears that the EU are only regulating cookies that collect personal information ?

Posted: Fri Aug 26, 2011 5:25 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
Total shambles...isn't it!

Posted: Wed Sep 14, 2011 2:40 pm
Joomla! Intern

Joined: Thu Jan 18, 2007 5:35 pm
Posts: 63
Want to add to the necessity to the active consent before setting any cookie. It might be a special Swedish interpretation of the EU directive but I guess not. Found on an official governmental site.

You have to inform the user about all cookies with
- name and domain
- data stored
- for how long
- why it is stored
- if it is a third party cookie

So keep track on your cookies!


Top
 Profile  
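
The per-cookie checklist in the post above (name and domain, data stored, lifetime, third party), built as an inventory from the Set-Cookie headers a site sends on a first, pre-consent page load. This is an added example, not part of the original post: the hosts, the `lang` and `uid` cookies and all function names are constructed, and the session cookie reuses the name and content quoted earlier in the thread.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed capture of a first, pre-consent page load: (responding host, Set-Cookie value).
# The first cookie reuses the name/content quoted earlier in the thread; the rest are made up.
SITE_DOMAIN = "example.org"  # assumed registrable domain of the audited site
NOW = datetime(2011, 9, 14, 14, 40, tzinfo=timezone.utc)
SAMPLE = [
    ("www.example.org", "fc5d2c8fa69b29a554ebc38b36af918e=585442c7f9eb611a533033d6365f22e5; path=/"),
    ("www.example.org", "lang=en-GB; Max-Age=31536000; Path=/"),
    ("ads.example.net", "uid=abc123; Domain=.example.net; Expires=Fri, 13 Sep 2013 14:40:00 GMT; Path=/"),
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attrs); attribute names are lowercased."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def lifetime_seconds(attrs, now):
    """None means a session cookie; otherwise seconds until expiry (Max-Age wins over Expires)."""
    if "max-age" in attrs:
        try:
            return int(attrs["max-age"])
        except ValueError:
            pass  # malformed Max-Age: fall back to Expires
    if "expires" in attrs:
        try:
            expires = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            return None  # unparsable date: treated as a session cookie
        if expires.tzinfo is None:
            expires = expires.replace(tzinfo=timezone.utc)
        return int((expires - now).total_seconds())
    return None


def inventory(responses, site_domain, now):
    """Build one record per cookie with the fields the checklist asks for."""
    records = []
    for host, header in responses:
        name, value, attrs = parse_set_cookie(header)
        # A cookie without a Domain attribute is scoped to the host that set it.
        domain = attrs.get("domain", "").lstrip(".").lower() or host.lower()
        same_site = domain == site_domain or domain.endswith("." + site_domain)
        records.append({
            "name": name,
            "domain": domain,
            "data": value,
            "lifetime_s": lifetime_seconds(attrs, now),
            "third_party": not same_site,
            "purpose": None,  # cannot be derived from headers; the site owner has to document it
        })
    return records


if __name__ == "__main__":
    for record in inventory(SAMPLE, SITE_DOMAIN, NOW):
        print(record)
```

Cookies set from JavaScript never appear in response headers, so a header capture like this covers only server-set cookies.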
 
Posted: Tue Sep 20, 2011 2:39 pm
Joomla! Intern

Joined: Thu Jan 18, 2007 5:35 pm
Posts: 63
I have an alternative first work around to the Kookie Grab module using an override for the log in module. Includes multilingual and normal user log in.

Session cookie and probably language code cookie remains as problems.

See this forum item.
http://forum.joomla.org/viewtopic.php?f=642&t=654849&p=2621168#p2621168


Posted: Tue Sep 20, 2011 3:25 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
The Kookie_Grab was intended as a 'stop gap' until something is incorporated into the Joomla core. It does not stop cookies created by Components and needs manual setting up. Any improvement on it would be welcomed. Although ideally Joomla will have some sort of cookie control in the core.

Posted: Wed Sep 21, 2011 10:33 am
Joomla! Intern

Joined: Thu Jan 18, 2007 5:35 pm
Posts: 63
Yes Webdongle,

I hope that the core team come up with a solution soon. That's why I also, beside the session cookie, mention the language code cookie as a problem.

This is, as I wrote, only work arounds. It also in a way stops "cookie components" if you set the menu access level accordingly. Maybe it doesn't completely close the backdoor - browser address field. I'll test it.

Do you know where I can contact the Kookie Grab developer? I didn't find a way. I do not want to create a second module but I would need some parameters to control the output for non php-people. i.e. my ideas could extend Kookie Grab.


Posted: Wed Sep 21, 2011 5:04 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
PM Webdongle. I am sure he can help you find the developer.

Posted: Wed Sep 21, 2011 8:34 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
over wrote:
...
Do you know where I can contact the Kookie Grab developer?...
Attachment:
Screenshot-756.png


Posted: Fri Feb 10, 2012 12:46 am
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
Quote:
The countdown clock creeps closer to May 2012, when the ‘lead in’ period for the cookies regulations will end, and the Information Commissioner may start taking enforcement action against those not in compliance.

http://www.google.co.uk/url?sa=t&rct=j& ... inCPO9oX2w

Posted: Fri Feb 10, 2012 2:54 pm
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11706
Location: The Girly Side of Joomla in Sussex
ok, an interesting line is this
Quote:
The Information Commissioner does however recognise that many websites set cookies as soon as a user accesses the site. Where it is not possible to obtain prior consent websites should be able to demonstrate that they are doing as much as possible to reduce the amount of time before the user receives information about cookies and is provided with options.
http://www.jisclegal.ac.uk/ManageConten ... /2051.aspx
I would still recommend reading this document
http://www.ico.gov.uk/news/latest_news/ ... tions.ashx

Posted: Fri Feb 10, 2012 4:16 pm
Joomla! Virtuoso

Joined: Fri May 15, 2009 2:01 pm
Posts: 3143
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड
The problem with that statement is that the first sentence is the position of the UK Regulator. The second sentence is the opinion of the author of the article.
The session cookie may escape regulatory notice if the user is clearly informed it has been dropped immediately they enter the site.

Google are currently punting the line to the EU Commissioners that the Analytics's cookie is a first party cookie restricted only to the server of the domain in which it is set, therefore any tracking that it does is only the property of the site visited and should not require prior consent. They are less effusive on the Adsense cookie.
Sorry Google and website owner, I have no desire to be tracked on yours or any other site without giving my informed consent and that is what the Law says. So comply.

Posted: Fri Feb 10, 2012 4:28 pm
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
Interesting to note that the ICO's CMS drops a session cookie and they say
Quote:
The supplier of our content management system (the software we use to update our website) is working to remove this cookie from their product.

http://www.ico.gov.uk/Global/privacy_statement.aspx

Posted: Fri Feb 10, 2012 4:30 pm
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11706
Location: The Girly Side of Joomla in Sussex
page 6 of the linked pdf on the ico states
Quote:
The Information Commissioner does however recognise that currently many websites set cookies as soon as a user accesses the site. This makes it difficult to obtain consent before the cookie is set. Wherever possible the setting of cookies should be delayed until users have had the opportunity to understand what cookies are being used and make their choice. Where this is not possible at present websites should be able to demonstrate that they are doing as much as possible to reduce the amount of time before the user receives information about cookies and is provided with options. A key point here is ensuring that the information you provide is not just clear and comprehensive but also readily available.


now if someone gets the tool that aboutcookies site uses to work properly in 1.5 /2.5 that would be brill
