1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

EU Cookie Law -- Compliance?

Discussion in 'Forum Management' started by LT Jennifer, Oct 30, 2015.

  1. LT Jennifer

    LT Jennifer Member

    First of all, I'm not sure if this is the correct forum; but I couldn't find one dedicated to legal issues. Mods, feel free to move this thread elsewhere.

    From a different forum, I was told that forums must give the users the ability to opt out of cookies. Last I heard, XF won't run without them.

    Are XF planning to make cookies optional?

    Below my initials is a cut-and-paste of what I read.



    As some of you may know, there has been an update in The UK and Europe regarding internet privacy laws, specifically in regards to cookies and trackers.
    All sites that use cookies for any purposes must now display that they do so and provide an option for informed consent and the ability to opt out of cookies.
    More information can be seen here The Cookie Law Explained
    What this means for all of us is that we will be deploying a function that will appear to UK and EU IP addresses and provides them with the relevant information and the chance to opt out.

    If you have any further inquiries, you can contact the moderators and admins in the community and they will provide you with more information.

    Thank you.

    The Cookie Law Explained

    The Cookie Law is a piece of privacy legislation that requires websites to get consent from visitors to store or retrieve any information on a computer, smartphone or tablet.

    It was designed to protect online privacy, by making consumers aware of how information about them is collected and used online, and give them a choice to allow it or not.

    Site Owners Start Complying

    It started as an EU Directive that was adopted by all EU countries in May 2011. The Directive gave individuals rights to refuse the use of cookies that reduce their online privacy. Each country then updated its own laws to comply. In the UK this meant an update to the Privacy and Electronic Communications Regulations.

    Why Cookie Law?

    Almost all websites use cookies - little data files - to store information in peoples' web browsers. Some websites contain hundreds of them.

    There are other technologies, like Flash and HTML5 Local Storage that do similar things, and these are also covered by the legislation, but as cookies are the most common technology in use, it has become known as the Cookie Law.

    All websites owned in the EU or targeted towards EU citizens, are now expected to comply with the law.

    What it Means For Business

    If you own a website, you will need to make sure it complies with the law, and this usually means making some changes.

    If you don't comply you risk enforcement action from regulators, which in the UK means The Information Commissioners' Office (ICO). In exceptional cases this can mean a fine.

    However, non-compliance could also have other, perhaps more serious consequences than enforcement. There is plenty of evidence that consumers avoid engaging with websites where they believe their privacy is at risk, and there is a general low level of trust about web tracking by the use of cookies.

    Free Cookie Consent Trial

    What You Should Do

    Compliance with the cookie law comes down to three basic steps:

    Work out what cookies your site sets, and what they are used for, with a cookie audit
    Tell your visitors how you use cookies.
    Obtain their consent, such as by using Optanon, and give them some control.

    What are Cookies Anyway?

    Cookies are a kind of short term memory for the web. They are stored in your browser and enable a site to 'remember' little bits of information between pages or visits.

    They are widely used to make the web experience more personal, which is generally seen as a positive thing. However some cookies collect data across many websites, creating 'behavioural profiles' of people. These profiles can then be used to decide what content or adverts to show you. This use of cookies for targeting in particular is what the law was designed to highlight. By requiring websites to inform and obtain consent from visitors it aims to give web users more control over their online privacy.

    To find out lots more about cookies in general and the different types, take a look at Cookiepedia - the leading information resource all about cookies.
  2. Amaury

    Amaury Well-Known Member

  3. Kevin

    Kevin Well-Known Member

    After reading through the thread that Amaury linked to, if you are UK based and need to worry about it, then also turn on the XF option to display the cookie message...

    ACP => {Home} Options => Basic Board Information => Show Cookie Notice on First Visit
    Digital Doctor likes this.
  4. Martok

    Martok Well-Known Member

    They can opt out of cookies. Enable the notice as mentioned above, which says:

    Learn More links to this on XenForo and a similar page on your own site:


    If users don't want cookies from your site ie they want to opt out, they can just walk away and not visit again.
  5. Solidus

    Solidus Well-Known Member

    Doesn't even matter, it's barely enforced.
  6. LT Jennifer

    LT Jennifer Member

    So the solution is to present a notice that cookies are used (which I do) and then give the user a choice between accepting cookies or "opting out" by not visiting the website any more? That's not a real choice, and I'm not convinced that would be legal under the cookie law. I had thought opting out meant continuing to use the site WITHOUT cookies.

    Just why are cookies so necessary to XF anyway? Couldn't user options be in the database instead?

  7. Dakota Storm

    Dakota Storm Well-Known Member

    Cookies offload some site (for lack of a better term) 'load' on to the users browser rather than the server.
  8. Martok

    Martok Well-Known Member

    Nope, not if the site won't function without them.

    You can see there isn't "opt-out and continue to use" options on most sites that use cookies. Even the UK Government site just states it uses cookies

  9. LT Jennifer

    LT Jennifer Member

    I see. Thank you.

  10. Liam W

    Liam W Well-Known Member

    As for a bit more info, cookies are used to store the user session keys. If they aren't stored in/passed by the browser, how will the site know the user is logged in?

  11. HWS

    HWS Well-Known Member

    This is in fact a choice. The visitor can choose to leave your site, if he doesn't like cookies.

    If you like to serve your site without cookies to the visitor you can provide an option or that. But you don't need to. XenForo however does not work without cookies.

    The whole cookie law is a joke. Those notices at all sites are more annoying than blinking ads.

Share This Page