Some of you may be aware, there's been a bit of controversy over the setting of cookies on computers by web sites throughout the world. This has resulted in EU legislation that requires site owners to tell users they are loading cookies on their computers, why they're doing it and how to avoid them. Depending on how you read the legal stuff, depends upon what action you may as a site owner take, or not. The potential problem is, as an owner, you could be fined up to £0.5m for not complying, though the EU have said they don't intend to use a sledgehammer to crack a nut!
Part of the legislation says, cookies should not be set for a period that is onerous. In other words, they should be set at sensible time periods that can be justified as being reasonable. Most you will find are set from around six months to two years and it seems that's the norm. PCA's own cookie by comparison is 5 years, way above average. But imagine my surprise when researching PCA cookies to discover inskinad.com (one of the cookies that PCA sets on your computer) has a life of 7,987 years! No, you didn't misread that, the cookie expires on the 31 December 9999!
How can anyone justify that? I really wouldn't want to go into battle with the EU on that one!
I don't have any web sites any more, so I can't confirm if this is still normal.
My website is still in the 'embryonic' stages of development...cookies are off-menu at the moment.My computer-savvy pal (a web-site builder) will keep me up-to-date on the legalities regarding cookies...personally speaking I much prefer 'Caramel Wafers' (TUNNOCKS).
Graham*, you could start here and work your way through. The video's not bad, but the guy is a typical government salesman trying to sell the benefits. Anyone who thinks it doesn't apply to them, needs to look carefully at all aspects of their sites.
For example, if you use Google Analytics (as many do), it most certainly applies to you. If you have any sort of content management system including a blog, then almost guaranteed, cookies will be used.
The first thing to do is a cookie audit, which should tell you what (if any) cookies are being produced.
Burying your head in the sand isn't an option. Though typically, the UK is one of the first countries to attempt compliance, while most of the rest of Europe ignores it.
forum member, I never suggested there was anything sinister about long life cookies, simply that I wouldn't want to try and defend it in court. Furthermore, the really long life cookie I quoted was not produced by the site builder, but by a third party. It maybe the third party has no intention of changing their ways. And therein lies the rub and a potential bust up with the ICO.
Perhaps I am reading this 'cookie thing' the wrong way, but I tend to find that legislation isn't always 'policed' as was originally intended, so to some it can be a complete mockery.
Perhaps off subject, but I have not long sent an email, and in response I received a very simple two line paragraphed reply to the question asked. To download this reply, I have had to use extra paper and printer ink, so as to receive a whole lot of 'data protection' 'cookies' ' confidentiality' waffle, that could have possibly been easier to provide a link for this added inconvenience. Did the sender (a well known company) go rather over the top or was it a requirement, possibly translated incorrectly?.
Some sites seem to have gone OTT with the cookie legislation (e.g. which.co.uk, which has a large drop down bar that appears on every webpage until you actively accept their policy).
Others simply show a short statement as a small drop down on the page that you use to enter the site that simply states that if you continue to use the site you are deemed to have accepted their policy.
As I clear all my history out many times a day, the which.co.uk approach is a pain in the butt.
The problem is spuds, the chances are the legislation has been correctly interpreted.
We're now constantly bogged down with EU nonsense (I'd call it something stronger but would probably be banned). Just for example, I have a little 49cc motor scooter that I use to get around town. Just recently, I needed to re-insure it for the year. When I finally chose my provider, I got reams of completely irrelevant (to me) bits of paper; key facts, my statement of fact (as if I didn't know what I'd said) and goodness knows what else. All I wanted was an insurance certificate! We're being suffocated by bureaucratic rubbish, but failure to comply in this instance, could lead to an uncomfortable life.
Site owners have a choice. They can choose to ignore it, but it's no good complaining if the ICO come knocking at your door at some point in the future.
Batch, I think you're going to see far more of the "which" approach in the coming months.
This thread is now locked and can not be replied to.