EU Cookie Law – What can I do?!
My site is a WordPress.com hosted website with a unique URL from 123 Reg, I’ve just gotten notified of the new Cookie law which is going to take effect in May 2012, and I am REALLY worried. Is there anything WordPress.com can do to help my site stay legal?
I can’t use any plug-ins because they only work on WordPress.org.
Basically what I’m asking is: is there going to be a way for WordPress.com hosted blogs to avoid being illegal? Will you make a new feature so we can notify our users of the cookies on our site? When will this all happen?
Please notify me before May 26th otherwise, according to the new law, I and thousands of other bloggers will be in breach of the law and could face up to a £500,000 penalty.
The blog I need help with is isozial.so.
michael97f.wordpress.com is no longer available.
The authors have deleted this blog.
For an accurate answer a link to the blog you are asking about is needed.
I think your current disclaimer is adequate. WP.com staff is unquestionably looking into this, because there are a lot of EU readers of our blogs.
The EU is a scaremongering bunch of halfwits. In reality they’d never be able to police the zillions of Internet websites. You could perhaps register your domain with a company outside the EU…..just a thought. You shouldnt allow yourself to be frightened by these people anyway. That’s how they control everyone…….threats. I think what you’ve written is ok anyway.
Thanks for the replies people, means a lot. Do any WordPress employees ever comment on these forums? (I’m a newbie)
Sometimes they do. I’ve been here seven years and you can be CERTAIN they are working on this, though. They have to. Europe is too big a market, and they, the providers of the blogging service, will be responsible for the fix.
That’s a really good point raincoaster.
Yeah but on most sites Facebook, Twitter and Youtube all install their cookies, and we all know Facebook aren’t looked too kindly upon when it comes to privacy…
I’ve been doing some reading around on this. Anyone who has a website—-even a blog—hosted by a company that collects data for analytical purposes is already tracking their visitors. Even if your company doesn’t impose its own tracking/cookies, the web-hosting company that you are using almost certainly does….for the purpose of providing you with monthly stats, amongst other things.
That means if WordPress is collecting data (which it is, for your Blog Stats) then everyone visiting every WordPress blog in existence is “supposed” to be told of this.
Considering how many thousands?millions? of wordpress blogs there are, that means—theoretically—-that every blogger has to notify his/her visitors.
It’s a complete nightmare. I’ve looked at some other forums/blogs this morning on this subject, no-one really has a flipping clue what to make of it all. Apparently it was tried on the UK’s Information Commission Officer website……and their traffic plunged 90%. What a laugh. The vast majority of large British companies still aren’t ready to comply either. These mugs who sit in the EU parliament have nothing better to do with their time, bar eating and drinking. Unelected and undesirable bureaucrats.
I think WordPress will need to look at this, to protect their bloggers, many of whom are not necessarily knowledgeable about web-page programming.
Measures like these will drive small-person websites off the Internet altogether, because many will be afraid of how to comply with what the EU wants. In the good old days, back in the 90’s when I first set up a website, it was all great fun. Now it’s becoming a complete misery. It’s all overrun by authoritarianism. No wonder people are furious.
Good point, just one thing I wanted to say: visitor numbers dropped by 90% because users couldn’t be tracked because they didn’t want the cookies. The readers of the website still went on the site, the owners just aren’t allowed to see that they have.
Everything else though is true.
The law ONLY applies to cookies. That’s why it’s called the cookie law.
Sorry for this remark but I just can’t help it:
The EU is more or less evil in all aspects. Close the stupid thing!
I just had to write this! :-(
It does seem like a pretty silly rule to be making now. I can’t see how it will be enforced.
There’s a lot to sort through about this law, and the first thing that has to be done is clear through some of the misunderstandings about it.
First off, it’s important to understand that this is not one “EU Cookie Law.” The EU issued a set of directives on cookies but left it for each member nation to interpret, define the requirements, and define the penalties. Your ire should be directed towards the Information Commissioner’s Office, the UK government agency which is solely responsible for the permutations of the cookie law in the UK. I know that hatin’ on the EU is a great national hobby, but this isn’t actually the issue for it. Ranting about those big mean men in suits is not going to do a damn thing to help us find a solution.
And it’s why WP.com isn’t doing anything to bring blogs into compliance. There is not one “EU Cookie Law” to comply with. There are *twenty seven of them.* National approaches range from laissez-faire to paranoid. No company, including WP.com, should be expected to create twenty-seven different setups and presentations for a single product.
Second, you need to educate yourself on the issues surrounding wp.org sites and the law – I write from the perspective of the UK’s interpretation of it – to understand why WP.com isn’t just making a slap-on, click-the-box, that’s-you-sorted solution to it. You can do that with my conference presentation here.
Third, as for spreading misinformation about “£500,000” fines, educate yourself on what that number means, who issues those fines, and what they issue them for before you perpetuate scaremongering and become part of the problem rather than the solution. You can do that in my post here.
Finally, educate yourself on the web site accessibility issues which mean that many “compliance solutions” make a site meet the UK’s interpretation of the cookie law but then break existing UK accessibility laws.
If you have any other questions, leave comments on my blog posts, or come talk to me at WordCamp UK in Edinburgh in July.
I was at an exhibition last week where one speaker was Mark Prisk, Minister for Business and Enterprise in the UK Government and I asked him a question about the implications of the new cookie law and the advice the Information Commissioner’s Office (ICO) is currently giving out, which to say the least lacks clarity. He said that Ministers are still in discussions with the Information Commissioner about the guidelines and what came across was that two different arms of the UK Government do not see eye to eye. Having said that, the ICO is the enforcement body (they can fine Government Departments, and Ministers have no direct jurisdiction over the ICO). However, the ICO has a long record of advising first, enforcing next, fining last. However some companies are taking the issue very literally, see BT’s MyDonate site. I have added a page to the main menu of my websites about cookies and privacy which is not theoretically compliant, but I think would be seen as adequate until new advice comes out of the ICO’s office. I appreciate WordPress’s problems, but it would still be very helpful to see a clear statement from WordPress, even if it is only to say why they can’t/won’t comply and what the complications are, which we in the UK could then quote in the debate here to try to get some commonsense. Specifically what would help would be a list of the cookies used on WordPress and what they do. See the Downing Street website for a model http://www.number10.gov.uk/privacy-policy/, which, ironically, does not comply with the ICO’s advice in that the link to the page is hidden at the bottom of the page and there is no splash page as you go into the site. So at least if we are going to be fined £150,000, so is David Cameron, which is why I’m not booking a meeting with my bank manager just yet.
The UK Information Commissioner’s Office issued new guidance yesterday which should reassure people. The main issue here is that ‘implied consent’ now seems acceptable, provided that you make this very clear and visible to users of your site, but don’t take anything from me, read the article: http://www.ico.gov.uk/news/blog/2012/updated-ico-advice-guidance-e-privacy-directive-eu-cookie-law.aspx
Indeed, after spending over a year saying implied consent was not enough, they backtracked literally on the day the law went into compliance. *On the day*. Not last month, not last week..
So much of the work and sweat many good people have put into moving towards compliance turns out to have been unnecessary.
There’s nothing more contemptible than highly paid “public servants” creating problems to justify their jobs and pensions.
The following is from our legal team:
We’re aware of the recent EU privacy directive and the related UK Cookie Law. As of now, the relevant authorities haven’t issued concrete guidance on the actions that are necessary to comply with the law. We’ll be watching as the situation develops and may make changes to our services in the future, if required.
Instructions for adding a text widget to your site can be found here:
The topic ‘EU Cookie Law – What can I do?!’ is closed to new replies.