Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Page 1 of 2
New European e-Privacy laws…
 
flowstack
Sr. Member
 
Avatar
Total Posts:  159
Joined:  2008-01-30
London, United Kingdom
 

I am keen to hear your thoughts on the new e-Privacy laws that will soon be upon us. Are they a good or bad thing? Are cookies something we must just put up with?

It will be interesting to see what changes European store owners will need to make to Magento in order to comply with the regulations. I hope not too many, but you never know. Guess we will find out when the law is put in place later this year…

http://www.bbc.co.uk/news/technology-12668552

If anyone has any more information about the new law and what impact it may have on UK store owners, then let us know.

 
Magento Community Magento Community
Magento Community
Magento Community
 
hangtimeco
Jr. Member
 
Avatar
Total Posts:  7
Joined:  2009-02-19
 

Heard about this on Radio 4!  Starting to panic as i\’m not sure how to get Magento to ask for permission to store cookies????  Anyone4 out there know?  any modules developed?  I\’ve searched and searched but can\’t find much about it!

anyway a link i found that explains the law is here: Cookie Laws

PLEASE HELP with the current financial climate i can\’t afford a £5000 fine for non-compliance!

Thanks

Alex

 
Magento Community Magento Community
Magento Community
Magento Community
 
DaymoH
Sr. Member
 
Total Posts:  106
Joined:  2008-09-18
 

Anyone had any thoughts on this?

 
Magento Community Magento Community
Magento Community
Magento Community
 
View 6 Com
Sr. Member
 
Avatar
Total Posts:  83
Joined:  2008-11-07
Brighton Sussex UK
 

hi all

im not a lawyer but i think this exception should cover it:

The only exception to this rule is if what you are doing is ‘strictly
necessary’ for a service requested by the user.  This exception is a
narrow one but might apply, for example, to a cookie you use to
ensure that when a user of your site has chosen the goods they
wish to buy and clicks the ‘add to basket’ or ‘proceed to checkout’
button, your site ‘remembers’ what they chose on a previous page. 
You would not need to get consent for this type of activity. 

taken from :
http://www.ico.gov.uk/~/media/documents/library/Privacy_and_electronic/Practical_application/advice_on_the_new_cookies_regulations.pdf

 
Magento Community Magento Community
Magento Community
Magento Community
 
simonlilly
Member
 
Total Posts:  33
Joined:  2008-02-18
 

Pod1 (Magento developers) have done a nice introductory post here, well worth a read:

http://blog.pod1.com/other/eu-cookie-law-ico-publishes-guidelines/

It’s well worth doing a Cookie audit of your site and assessing the privacy implications of each cookie. Once you have this information, build a plan of how to deal with each one. Just taking these two simple steps will put you in a good place to deal with the law change on the 26th May.

If whilst doing the audit you do discover Cookie’s that contain sensitive information, take steps to address these before the 26th May.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Mage Guru
Sr. Member
 
Avatar
Total Posts:  79
Joined:  2009-07-07
 

Hi All,

A solution to the new cookie laws would be appreciated.

ie. a step by step or a module.

Let me know if anyone has any updates.

Thanks

 
Magento Community Magento Community
Magento Community
Magento Community
 
CoastAMS
Member
 
Avatar
Total Posts:  57
Joined:  2011-03-24
Bath
 

nothing...?

Google Analytics seem to be them main problem - has anyone got anything working for this?

 
Magento Community Magento Community
Magento Community
Magento Community
 
itchytrig
Sr. Member
 
Avatar
Total Posts:  162
Joined:  2008-10-03
UK
 

Plugins are available that ‘start’ to address the problem for say Wordpress, but what for the all mighty Magento?

Be good to hear from the Magento guys n girls themselves...!

26th May is looming…

Interesting article here on UK / EU compliance:
http://sitebeam.net/assets/Uploads/EU-Cookie-Law-eBook.pdf

 
Magento Community Magento Community
Magento Community
Magento Community
 
Workwell
Member
 
Avatar
Total Posts:  63
Joined:  2010-05-05
London
 

Ooh, all a little bit confusing and worrying!

Perhaps some clear ideas could be thrown into the mix.

Obviously the first step as a developer/site owner is to identify what cookies are being called by the magento site (cookie audit), easily done when looking a Chrome’s preferences - but what does it all mean, where’s the physical file, how can the cookies content be examined!!!

There does seem to be some steps clearly indicated in Simon Lilly’s post http://www.simonlilly.com/e-commerce/looking-inside-the-cookie-jar-how-to-carry-out-a-cookie-audit/ the first step being that an explanation of cookie use must be explained in a simplified way somewhere on the website.

Perhaps, as a temporary measure there also needs to be a pop up to inform customers that the site uses cookies and by means of a tick box the customer allows cookie use. Perhaps!

One of the larger implications is the use of google analytics, okay we all know that google are a law unto themselves, but using tracking opens up a whole can of worms and legal implications for all of us.

It has been suggested that a Magento extension could help safeguard us from potential legal action, this seems to be the best option for the majority of us. Strange that Magento doesn’t appear to be forthcoming with any information especially since Magento uses cookies so heavily. They appear to be covering their own backs in their policy statement (I would suggest using some of their content to explain cookie use on your own site) http://www.magentocommerce.com/company/privacy

In summary I guess the more information we gather the better prepared we will be when the ###### hits the fan in May! All I can say, is keep sharing any solutions and ideas or we’ll all be F####ED!!

 
Magento Community Magento Community
Magento Community
Magento Community
 
John
Sr. Member
 
Avatar
Total Posts:  129
Joined:  2007-12-20
Sheffield, United Kingdom
 

Have a look at the ICO website - they use analytic and other cookies.  They have a great cookie description page and a box at the top asking if users want to opt in. 

Given this is the ICO site I am going to use this as a template.  Note sure technically how to block Analytic for a user yet but that will come. 

Rgds
John

 
Magento Community Magento Community
Magento Community
Magento Community
 
dolestar
Member
 
Total Posts:  41
Joined:  2009-03-03
 

the ICO saw their tracked traffic drop by 90% the very same day they implemented their GA opt in - that would decimate our ability to legitimately monitor our sites performance.

I for one am praying for an 11th hour rewrite of the rules to allow GA.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Rich Cleverley
Moderator
 
Avatar
Total Posts:  285
Joined:  2009-01-20
 

Magento have obviously listened and implemented cookie requirement code in v.1.7 which was released today.  I’ve only had a quick look and it seems to work in a similar way to the ICO site. I’m not sure how changes to cookies and re opting in would be handled but seeing as the rules and guidance are so hazy it’s a veritable minefield (At least the ICO have said they will take notice of companies attempting to implement something).

Anyone else have any ideas on what else they would like to see?

 
Magento Community Magento Community
Magento Community
Magento Community
 
dolestar
Member
 
Total Posts:  41
Joined:  2009-03-03
 
richclever - 25 April 2012 05:29 AM

Magento have obviously listened and implemented cookie requirement code in v.1.7 which was released today.  I’ve only had a quick look and it seems to work in a similar way to the ICO site. I’m not sure how changes to cookies and re opting in would be handled but seeing as the rules and guidance are so hazy it’s a veritable minefield (At least the ICO have said they will take notice of companies attempting to implement something).

Anyone else have any ideas on what else they would like to see?

we have performed and documented a cookie audit across both of our sites (1 magento, 1 joomla).  we removed some old double click tags and I have written a justification for the remaining ones - which essentially is just the required session cookie for magento to operate, and GA, which I have argued is an essential business resource that doesnt allow us to build a customer profile as it is annonymous.

This isnt strictly in keeping with the rules, but if the ICO come a’knocking atleast we can demonstrate we took head of their advise, made some improvements and will now better educate our web visitors through a cms page, highlighted from the home page about what cookies we use and why.

It could ofcourse go the other way - if the media blow it up as they love to do, then consumers may feel happier seeing the opt in, at least for a while. 

Its worth noting that vast swathes of the ICO’s previous albums, sorry legislation (ive got Urban Cookie Collective/ EUrban Cookie Directive on the brain with this subject), were never enforced.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Rich Cleverley
Moderator
 
Avatar
Total Posts:  285
Joined:  2009-01-20
 

Like you I think the main worry is how the media report on this and whether it will spawn hysteria from the public due to not understanding things properly.  Interestingly I installed a vanilla 1.7 this morning to have a look at how Magento had implemented this and was somewhat surprised when I viewed the stock cookie list in the privacy statement.

COOKIE name COOKIE Description
CART The association with your shopping cart.
CATEGORY_INFO Stores the category info on the page, that allows to display pages more quickly.
COMPARE The items that you have in the Compare Products list.
CURRENCY Your preferred currency
CUSTOMER An encrypted version of your customer id with the store.
CUSTOMER_AUTH An indicator if you are currently logged into the store.
CUSTOMER_INFO An encrypted version of the customer group you belong to.
CUSTOMER_SEGMENT_IDS Stores the Customer Segment ID
EXTERNAL_NO_CACHE A flag, which indicates whether caching is disabled or not.
FRONTEND You sesssion ID on the server.
GUEST-VIEW Allows guests to edit their orders.
LAST_CATEGORY The last category you visited.
LAST_PRODUCT The most recent product you have viewed.
NEWMESSAGE Indicates whether a new message has been received.
NO_CACHE Indicates whether it is allowed to use cache.
PERSISTENT_SHOPPING_CART A link to information about your cart and viewing history if you have asked the site.
POLL The ID of any polls you have recently voted in.
POLLN Information on what polls you have voted on.
RECENTLYCOMPARED The items that you have recently compared.
STF Information on products you have emailed to friends.
STORE The store view or language you have selected.
USER_ALLOWED_SAVE_COOKIE Indicates whether a customer allowed to use cookies.
VIEWED_PRODUCT_IDS The products that you have recently viewed.
WISHLIST An encrypted list of products added to your Wishlist.
WISHLIST_CNT The number of items in your Wishlist.

Quite scary in my mind.
Also, even though I haven’t accepted the Magento cookies it has still set the frontend one (I can add and log into an account even though I haven’t accepted the cookie). I know we are allowed to set cookies if they are vital to the functionality of the site but I do wonder if the public (and the ICO) may get spooked because of this.

 
Magento Community Magento Community
Magento Community
Magento Community
 
dolestar
Member
 
Total Posts:  41
Joined:  2009-03-03
 

ironically ive seen some implementations that set a cookie if a user says no, so that the site can remember they said no. 

the whole thing is a farce.  Im all for stopping 3rd party malicious cookies, but to make over 60% of uk online businesses (the proportion of GA users) into criminals is crazy. 

the high street has been ruined in recent years, which im sure is why the UK has the largest (per capita) online spend of any developed country in the world - expect that to change if the ICO has its way.

You wouldn’t expect a shop owner to serve customers with a blind fold on.  How are we going to see new businesses moving in next door, where our customers are going, what aisles are turning them off, and prices are too high if we can’t ruddy see them?

 
Magento Community Magento Community
Magento Community
Magento Community
 
John
Sr. Member
 
Avatar
Total Posts:  129
Joined:  2007-12-20
Sheffield, United Kingdom
 

I agree that this seems to be leading the world but I have got to say if it makes use stop and think and look at what info we are storing and tracking about our customers then it’s doing the correct thing. 

We track customers because we want to not because the customer has asked up to and at the end of the day if the customer does not want us to track them , in the same way we allow guest checkout, then we need to respect that.

I have had to do an audit of the cookie use and it’s hard to explain why we want the information into a customer page. 

Thanks for 1.7 - feature there before I asked - Always the best way.

Regards
John

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top
Page 1 of 2