European cookie directive enforcable in the UK from May 26th 2012. vbseo_loggedin

Because of the European Directive re cookies (enforcable from next month), we need to list the details of all cookies and give people the option not to have them.
The Information Commissioner's Office in the UK (the ICO) specifically expects software providers to supply upgrades in order to ensure their customers are compliant with the new rules.
To comply, the vbseo_loggedin cookie can't be set unless there is prior permission from all visitors.
Unless this cookie is considered essential to expected functionality. It's very doubtful that this is the case.
Can I ask please what exactly the cookie does, the effect of not having it and whether there will be a vBSEO upgrade with an option not to use it?

I believe the directive only applies to cookies that pass user information to third parties. 'vbseo_loggedin cookie' should be ok.

Originally Posted by Notorious

I believe the directive only applies to cookies that pass user information to third parties. 'vbseo_loggedin cookie' should be ok.

That's a common misconception. It applies to all 'non essential' cookies.

It is not something that we should be taking care of , this is directly responsibility of web site owners and if they want to follow these guide lines or not. vbulletin , Google Analytics , Adsense all uses cookies. If any website owner want to follow the guidelines then they need to create a warning for each cookie they used.

Hi Mert,
according to the guidelines from the ICO at
http://www.ico.gov.uk/for_organisati...gulations.ashx

" Companies who design and develop websites or other technologies for other people, must also carefully consider the requirements of these Regulations and make sure the systems they design allow their clients to comply with the law. The Information Commissioner would expect that any development of new software, or upgrades to existing software, would take into account the need to ensure products are compliant with these rules and broader data protection requirements."

Which clearly puts the onus on the people writing the software, so I'm afraid I disagree with you.

A request is not specifically required for each cookie as it is set, as a single allow/deny can be requested when someone hits a site. But every cookie has to be listed, and permission sought before any cookies are set. Personally I think this will be changed to an implied permission afterwards, though this is still technically breaking the law.
I'm dead against this new law. I think it's hamfisted and detrimental to the surfing experience.
But as the authors of vBSEO, I think you do need to provide a way for your customers to cater for the new law. Probably in conjunction with vBulletin. Who, by the way, are completely clueless about it.

I'm just leting you know about this Mert. Not having a go or anything.

I am already aware of it Stuart as you create a thread on every board i follow from time to time

Though i don't think anyone will follow that rule honestly as it kills every aspect of browsing. It seems to be similar to some other strange European rules.

There is no 'vbseo_loggedin' cookie for guests, is there? Cookies are a lot easier to manage with members as you can get consent within the sign up/TOS.

W.>

Add a notice to all users, and then the members can click the x to opt in.

We also added a thread explaining that people can block cookies, even gave them the URLS for each browser on how to do so, as well as the option for us to delete their accounts by informing us to do so.

We also explained why we use cookies, for vB, for Google Analytics and that we get paid commission for any purchases made from clicking any of our links. (Which is imo a good way of hammering home why they are used)

We offer a free website, always have done and always will, therefore people also understand that we have to use advertising. We do however offer far less adverts for our members, along with the option to dismiss them when logged in anyway.

The feedback has been good, as in we are one of the first sites to actually let people know about the new directive, and so far, we have not had one request for people to delete their accounts.

Reading between the lines, sites that make an effort to inform people about the cookies etc are less likely to suffer the wrath of the ICO - By that I mean you are less likely to be invited to Wilmslow, for afternoon tea and muffins.

If you sit back and do nothing, you are open for a fine of upto £500k and it is my understanding that any site in the EU is liable, or any site that is visted by members from the EU

My own feeling is that vB are going to have to come up with a solution anyway, otherwise they will get fined, and so I hope that they roll out a method that all sites that use vBulletin can implement.

But...

Don't dismiss it, and act on it now, if you are seen to be working on a solution to comply, you will be less likely to be done for it.