All IPB forums breaching EU law

[Rikki]

I just moved my web server to the US as i don't see the point in it

That won't help you I'm afraid. It's not about where you're hosted, it's about where the site owner operates from. If you reside in the EU, they could theoretically punish you regardless of where your server is.

[Steven UK]

<--- In the UK and not complying because it's another ridiculous law to come out of the EU.

I hear that.

[Steven UK]

That won't help you I'm afraid. It's not about where you're hosted, it's about where the site owner operates from. If you reside in the EU, they could theoretically punish you regardless of where your server is.

That's the grey area, because online you could reside anywhere. You could change your whois to Texas if you wanted, and nobody would be the wiser. Or is the EU going to force registrars to un-hide their whois, or provide a list of all domains and owners.

Very difficult to implement this directive.

[stoo2000]

I'm looking to set up a new forum and came here to evaluate my options (with IPB top of the list). I thought I'd better log in rather than lurk any more because this thread is of importance on my list of 'must haves'.

If IPB aren't going to divulge info about cookies, I can't see how I'm going to be able to justify selecting it which is such a shame. :sad:

It's worth noting that I haven't seen any IPS Staff member refuse to provide information.

Infact there is information posted right here: http://community.invisionpower.com/topic/363409-cookie-descriptions-for-eu-cookie-law/#entry2271582

[Rikki]

That's the grey area, because online you could reside anywhere. You could change your whois to Texas if you wanted, and nobody would be the wiser. Or is the EU going to force registrars to un-hide their whois, or provide a list of all domains and owners.

Very difficult to implement this directive.

You could change your whois if you wanted, but that would only work for individuals running a hobby site. Anyone more serious about running a site will have it registered as a company, and a company cannot easily hide.

[Energizer]

That won't help you I'm afraid. It's not about where you're hosted, it's about where the site owner operates from. If you reside in the EU, they could theoretically punish you regardless of where your server is.

I do not think anyone takes the trouble to find out. Example many illegal sites on the Internet lives since many for years. If IPS give not the license data by request for the lawyer out there, then they have no problem, that your identity is known.
you have today a problem, when you hosting a Community. ever-changing laws and they are responsible for compliance. If they make a mistake, then they can cost a lot of money. Lawyers are waiting of your mistakes. You must decide for themselves whether they want to live under these conditions a community. You can delete community, they can join the EU nonsense or they can hosting safe and have peace. You have to choose. Another way I do not see. I love having a community, but I would therefore not financial Problem, or have one foot in prison are standing, because I made a mistake with the EU-Nonsense or because lawyers want to earn money with such nonsense. I can understand not everyone is in my opinion and can understand my poor English. ;)

[Charles]

I think this topic underscores why we are not yet doing anything in regards to this law. It's so incredibly murky that who knows what to do. Some people have pointed to a simple copy/paste Javascript solution other says it's not enough.

In the end your web site is your responsibility. There is nothing IPS can do to ensure that you are in compliance with every law everywhere.

[dean84]

But isn't there a way to release a list of cookies that the IPS suite use, and allow those who want to add the relevant sections to their site, to do so. It doesn't then affect those who don't need it, but greatly helps those who are looking for that information.

[Rimi]

But isn't there a way to release a list of cookies that the IPS suite use, and allow those who want to add the relevant sections to their site, to do so. It doesn't then affect those who don't need it, but greatly helps those who are looking for that information.

It's surprising that they wont do it since one of the 3.3.2 betas had the page that listed all the cookies that the site uses including cookies that are used only by admins or moderators. It said the cookie name and a description of what it does. So the list does indeed exist in some form somewhere even if it doesn't list every single cookie it at least lists a handful.

[realmaverickuk]

Yup until I get a CLEAR and official explanation of EXACTLY what I need to do, I am doing nothing.

Maybe if all webmasters stood united and refused to do it, we'd have more power. They can't shut the internet down.

[ADKGamers]

But isn't there a way to release a list of cookies that the IPS suite use, and allow those who want to add the relevant sections to their site, to do so. It doesn't then affect those who don't need it, but greatly helps those who are looking for that information.

There's already been links that have shown which cookies are being used and what they do. They have also mentioned that you could take the idea of what some of the sites in the links that have been provided and make your own from those ideas.

[Rikki]

It's likely (though please do not interpret this as official or guaranteed, because that is not my call to make) that we will publish information on the default cookies our suite uses at some point, to enable site owners in turn provide information to their users. However, doing so is beyond the realm of our support in tickets, and that's why we weren't able to honor that request. This is something that will take time and effort by a developer (not a support tech), not something we can put together for a support ticket.

I hope that clears up the confusion. We were not being stubborn or obstinate, there's just a limit as to what we can provide via tickets.

[Steven UK]

I went onto AOL UK today, and there was a small pop banner that went near the bottom of the website, mentioning "by using this websites, you are accepting that......blah, blah...." that was there for all of 5 seconds, and then vanished, never to be seen again.

[PSNation]

I went onto AOL UK today, and there was a small pop banner that went near the bottom of the website, mentioning "by using this websites, you are accepting that......blah, blah...." that was there for all of 5 seconds, and then vanished, never to be seen again.

People still go onto that? O_o

[Heyhoe]

If you bought a gun, does the retailer have to tell you not to shoot somebody with it?

This is a product which can be used in a variety of ways. I think people have become lazy, expecting everything to be completed for them straight out of the box.

[Myr]

Well, if any fines come my way from the EU, then I will do the American thing and tell them exactly where they can stick it, as loudly and obnoxiously as I can. :)

[Steven UK]

People still go onto that? O_o

Haha, AOL was the first ever ISP I had all those years ago, so they still hold some email addresses I still need. Apart from that, no :smile:

By the way, here is a picture of the banner on AOL, just out of interest:

http://screencast.com/t/lbdOu2U0M

[HighlanderICT]

I am in Canada, my site is hosted in USA, and my audience is global although the subject matter and therefore the majority of the userbase is from Scotland (a fans forum for a football team).

I was unaware of the new law until recently and agree with most who have said that like many EU laws which seem to be formulated after a few bottles of Chablis, it is ill thought out and as silly as some of the most famous ones - like the curve degree on a banana which is a classic!!!

However, it is the law, and even if it not likely to be enforced rigorously, or even at all in some countries, I am trying to pay it at least lip service.

So here is what I have done, or what I am doing .....

I looked at the official UK gov site for the law and it is as clear as mud! No real help. I then looked at some major UK sites like BBC for example to see what they did (extensive info on a cookie page but no popup or list), and finally I looked at a few smaller sites like local newspapers from the area in the UK that I am from (it had popup/banner announcement and list on a dedicated cookie page).

As a result I will likely just add a cookie page like BBC and maybe add a field to registration to agree acceptance for UK/EU users.

The info I have read has stated the gov will not come hunting sites and if they find a site in breach they will likely suggest how to be compliant and only flex muscle if you continue to ignore it after they have spoken to you.

I do not expect IPB to list all cookies for me, it's not practical, and if they do this for UK/EU for this law where do they stop? A list of all potential USA federal or state issues with software compliance? Chinese laws? Laws from Australia/NZ ?

For the cookie issue i can easily get a list by clearing existing ones and then revisiting site and seeing what is in there as I perform major actions on site.... It's just a case of listing them on a cookie page after that (or not, if I base my page in what the BBC have done).

So what IS practical to ask from IPB (or the community at large) ?

Firstly it would be good if there was an informal list of the current core cookie names and what they do ... This could be supplied by IPB or as part of a peer discussion like this. On first entering my site I note 'coppa', 'nextlast', and 'session_id' as session cookies and 'member_id', 'pass_hash', and 'rtestatus' as persistent cookies. I have not yet noted others as I believe much of the preferences and individual user preferences are taken from the stored profile referenced in the member_id cookie?

Secondly, it would be good if IPB could add an extra but optional link that EU/UK sites could populate with info that would be placed at the bottom of the site next to the new privacy policy link and which could optionally be included in login/registration screens. Guidelines, Registration, and Privacy policy options are already in the ACP under community guidelines would it be hard to modify it so you had options to display link to each in footer/reg/login screens?

That to Me would be the limit of what IPB could or should consider doing. Give us the tools to comply with local rules/laws etc, but leave the onus on us to use them !!

[Artefaqs Corporation]

"[color=#282828][font=helvetica, arial, sans-serif]What this effectively means is that every single IPB site who have visitors from the EU are now in breach of the new cookie directive"[/font][/color]

[color=#282828][font=helvetica, arial, sans-serif]Not true....the EU law applies to EU based websites. The majority of my members are from EU countries and my site is hosted in the U.S.[/font][/color]

[color=#282828][font=helvetica, arial, sans-serif]I am not required to do anything. [/font][/color]

Two thoughts:

1. [*]Just try to enforce this. Go ahead. My server is in Pittsburgh. My company is in Seattle. I have many visitors from the EU. So I'll just sit back here and wait for the Interpol police to show up on my doorstep and give me and several tens of thousands of other webmasters a free trip to Europe for trial. You think the EU's prisons are crowded now? Wait until Brussels tries to lock up the owners of every server on the internet. [*]There's a law in my country (The Free State of Underpantsia) that states that every E.U. bureaucrat must pay me a €100 per year Breathing Tax. I know they're not based in my country, and I have no jurisdiction over there, but just as you seem to think that the EU can enforce their arbitrary laws on this side of the ocean, I'll do the same to them. [*]I'll shut down my .co.uk, .at, .de, and .es web sites before I'll comply with the laws of a foreign country on my own soil.
   

[Sly_Ripper]

It's a stupid law. If everyone just ignores it, it will go away. It cannot be enforced.

[Royzee]

Personally I think those that are willling to jump through hoops to attempt to comply are only encourage their government to create more assinine laws.

However it is each site owners choice alone.

[The Old Man]

Interesting topic. The people who are simply stating this law is an ass, well you're right, but the ICO are now enforcing laws to generate an income and justify their existence like other departments, maybe not yet with this cookie law but they will in the future. For now the fear of possibly being named and shamed will be enough for many, responsibility by web designers to do the right thing for their clients will be another, and whether we all think it's a good idea or not, we still have to comply with this daft law.

Someone posted earlier about wanting to do the right thing for a charity website and I have the same issue, whether I think this law is over the top or not. Countless radio, tv and industry discussions over the last twelve months have not made it any easier.

For info, the ICO just send out their latest newsletter that contained this update:

"The year long lead in period for UK organisations to work towards complying with the amended Privacy and Electronic Communications Regulations (PECR), covering the use of cookies, expired on 26 May.

An interview with David Evans, Strategic Liaison Group Manager at the ICO, discussing our work in this area, including our future approach to enforcement, is available on the ICO website.

The ICO expects all UK websites, by now, to be working towards compliance with the new EU regulations. The regulations will apply to organisations across Europe and the ICO has been working hard to help organisations in the UK comply with them.

The changes mean UK websites must ask visitors for their consent before placing a cookie on their device. This will involve providing visitors with sufficient information to make a decision about whether they are happy for a cookie to be placed.

We have published updated guidance for organisations to help them comply with the new changes, as well as guidance for individuals, which explains what a cookie is and what steps a person should take if they are concerned about a website's use of cookies.

A reporting tool is also available on our website, which allows individuals to easily report websites they believe are not compliant with the new law, or particular cookies that they are concerned about. This information will be used to inform future guidance and enforcement action."

I usually find the BBC are usually a good act to follow as they have expensive lawyers who will have studied and worked this out, and will have developed best practice solutions. Their implied choice model seems to be the way to go.

I just put a support ticket in able this situation and it would seem that IPS have not completely written off support for assisting us to comply just yet.

[MarkD FTR]

Uncle Sam manages to do so in various areas.

Uncle Sam tries to but fails miserably a lot of the time.

[tenaki]

I just put a support ticket in able this situation and it would seem that IPS have not completely written off support for assisting us to comply just yet.

Out of interest what are support doing for you?

[Lase]

Jesus H Corbett, am I to read all this?

This is the EU man.

The EU is like Blakey from On The Buses



Honestly don't know why we even listen to them. Doze of gravy-train riding, super-beauro, unnelected sadists and submissives, willing to do and say anything for their 'betters'.

It's like this multinational corp that looks all professional and hi-tech from the letterheads and website and marketing campaign. Then you get in there and it's a few dozen school-going plebs playing with themselves and fiddling with each other. All orchestrated and directed by the most grotesque criminals in the known universe.

What a load of total nonsense this all looks.

I'm doing sod-all.




Edit - See this similarity to the multinational corp run by mongs and small man syndrome sufferers that don't know what they're doing? That might sound like me joking but this is really all it is. I'd hate to think of the world outside of Europe having this impression of a giant properly tight-ship that's honed to make the world and it's internet a safer better place, employing the cream of the Human race. It ain't. They're honestly having a laugh in there. I've seen footage from hidden cameras on people who've gone in there to document what goes on, and it's just hundreds of people with no clue what they're doing, milling around socialising, drinking champagne and eating vollavons. Too-ing and fro'ing from one office to the next scratching themselves. With all the policy coming from the usual think tanks and these tip-rats sitting around waiting to sign.... after not bothering to read them.