EU Cookie Directive - have you done anything ?

Chris D

XenForo developer
Staff member
Technically, we've all done just about enough to cover our backs.

XenForo 1.1.3 has a default notice explaining about cookie usage.


Well-known member

If I were a registered entity that actively targets internet users in the EU/UK, then I'd probably consider it.


Well-known member
Doesn't it only apply to sites hosted in the EU anyway? I live in the UK but host in the US...
There's a notation in the rules somewhere that states if you actively sell products or otherwise target residents of the UK/EU, then your site would need to be in compliance, regardless of where it's hosted.

In my case, none of my equipment is located in the European regions. I also don't run any UK/EU centric sites that could be construed as targeting UK/EU users. Even if I did, I'd still likely not stick some notice up about it.

It's becoming an eyesore for sites I run into, repeating the same thing over and over about cookies.


Well-known member
I'll have to bear that in mind. Right now my only active site is a personal blog but I'm currently building up a xenforo one where I'll likely need to add a cookie notice :(

Adam Howard

Well-known member
I try to avoid onshore hosting at all cost. People automatically assume that when you're looking for offshore hosting; it means you're up to no good. This is not true at all. It just means you've realized how stupid the administration is in typical "onshore" countries and it's just better off to avoid all that drama.

With this said, XenForo provides a default option which seems to be good enough. Chris Deeming also was good enough to develop this;

Although it stop working for me (not his fault my site is customized to death)

mike os

Active member
we added it to the terms & conditions on sign up and also as a dismissable notice for current users

from what i can make out as long as you are trying to implement a solution you are unlikely to be prosecuted, but if you do nothing they are gunning for you


Well-known member
No. I personally think it's silly, as cookies are a vital part of almost every site (especially with a user system).

I don't see how telling the user helps them any way, if they were so paranoid of cookies to begin with, they should have disabled them.

mike os

Active member
silly or not it is the law in the EU, and to me it is just foolish to ignore when a solution or at least a mitigation is relatively simple


Well-known member
Does this mean that the law doesn't apply for private forums with no commercial interest ?
In a word, no. If a site uses cookies the regulations state that consent should be obtained from the subscriber or user. This is how it's laid out by the UK's Information Commissioner's Office:

This is what the law requires:

a person shall not store or gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met.

(2) The requirements are that the subscriber or user of that terminal equipment-

(a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and

(b) has given his or her consent.

Regulation 6 of the Privacy and Electronic Communications Regulations 2003 (PECR)
Source link (pdf format):