A pattern is emerging that shows European Member States greeting Brussels with a collective thumbs-down on its cookies law. So far, the Commission has had just two submissions from countries that have agreed to fully adhere to the amendments to the e-Privacy Directive. "Denmark and Estonia have notified measures to implement …
They've banned Marmite in their cookies as well.
Surely that's just crackers?
They're a funny lot too. Notice how we get told how great their butter and bacon is, but when you're over there, can you get a decent bacon buttie? Can you feck.
Isen´t iligal here your half assed british jurnalism just dident get the full story. Because marmite contains vitamin suplements it requieres a permit to sell it in Denmark. Thats all. But i guess its easier to stick your head up your ass instead of tjecking the facts.
We know AC. Everyone knows. But the number of irate Danes having a complete sense of humour failure about it has been far to amusing to let it drop.
A joke, for the Danes, is clearly no laughing matter.
...so if you sell goods without a permit, it is not illegal?
If it's not illegal, why bother to get a permit?
I wish to complain
It would be interesting to compile a list of all the EU websites that miss the deadline
Frown icon coz' it looks like a sad cookie
I thought the Germans came up with this in the first place, and they haven't agreed to implement it? Where's our referendum on Europe for pitys sake.
Groundless rumour mongering
The law came from the commission and was passed by the parliament. All member states were consulted. In some places that counts are democracy.
Re: Groundless rumour mongering
Slight problem there: s/passed/rubber-stamped/
There, that fixes it.
Usual bad legislation from idiots with no technical comprehension.
We need to be told what practices are illegal, not what might be vaguely permissable on a good day. No-one should have to consider all possible legal definitions of "strictly necessary" before implementing the session ID system that comes built-in to the server's scripting engine.
idiots with no technical comprehension
the idiots with no technical comprehension are the pony-tailed twats who can't build a web site without it burying the user's browser with a shit-load of cookies. this is bad design and lazy programming.
there is no need whatsoever for any web site to need cookies to work. rather than whine about the idiots in brussels, direct your complaints to the massively over-paid wastes of space who are responsible for generating all these pointless cookies in the first place. if they had any clue there wouldn't be any cookies to get our brussels overlords excited. so just fix your web site and you'll have nothing to worry about from this latest silly law.
Cookies are useful
Cookies exist, aren't harmful if used properly, and are useful. Let's say I want non-registered users to store their preferred background/foreground colour combo. Why not set that as a cookie? (Idealogical reasons aside)
Flat file html website can indeed be browsed with no requirement for cookies provided you do not wish to track usage patterns.
Complex CGI web applications that require authentication do however benefit from cookies so that a user moving from page to page within the site can be identified without the need to provide authentication on a page by page basses. Likewise session variables can only really be made use of if you use a cookie.
Unless you are aware of some other way of identifying a user between page hits? If you are then please share it with us.
However I suspect you are just unaware of your own ignorance which explains your eagerness to criticise people who do things that are beyond your level of understanding.
PS if you use cookie-less sessions a session ID is appended to your links. You then run the risk that a user will publishing a URL from a link on your site which includes their session ID and so opens their session to anyone who follows the link to the URL.
The web is stateless, websites cannot maintain the session from one page to another without some way of tracking the user, you're effectively creating an entirely new instance of the application on every single page - yes you CAN pass the session ID around in the URI but that has a whole host of security implications in and of itself (particularly with regards to session hijacking).
The BEST way to say ooooh, maintain the state of a user's shopping cart is to use a cookie to track their session - there is still the potential for session hijacking but it's not something that happens inadvertently when someone copies and pastes an address.
If you're building any kind of halfway secure web application you basically HAVE to use (SSL) cookies, well unless you want the user to log in on every single page of course.
So Mr. Morrow - as a (heavily pierced) "pony-tailed twat" myself - I ask you to go back to your world of shoddy single-user, toy, VB6 applications, you obviously have no understanding of how the www works.
Really, unless you're a crapvertiser, you should need no more than 3 cookies.
1: a non-secure session cookie that holds no sensitive information (basket contents for instance).
2: a secure user authentication session cookie.
Saves a tonne of <noscript> tags and means the markup pushed to the browser is better optimised for that browser (which cuts down your bandwidth consumption).
No cookie law in Denmark - for now
The official message now is that the rules "need further clarification" before they can be put into effect.
http://www.version2.dk/artikel/19228-nye-cookie-regler-bliver-udskudt-i-maanedsvis if you can read danish. (Actually, Google does a fair translation).
Amazing, really - we usually put whatever Brussels fancies into the law books right away.
So, is that all cookies or just those with added vitamins?
It all seems a bit redundant worrying about things like this when it seems crippling vulnerability in commercial sites will spill far more damaging information about people (Sony anybody?)
UAC for the web
"In order to deliver a lovely web site, we will send cookies. Is that ok?"
Then proceed as before - only slightly more intrusively, as consent was given.
Asking for permission simply delegates responsibility to the user, who has no idea what the implications are, and who just clicks on "ok" to make the nasty box go away so they can look at pictures of kittens.
Just like UAC really.
is there a cookie or two
Which if I accept it, will disable the ghastly hordes of mobile phone images that have appeared in the page background since I was last here ? ( ironically enough the only place they are not , is on the page that they link to ), but apparently el regs pony tailed designer forgot that if one has been to the "our new mobiles service page" one no longer needs to be haunted by massed blackberrys and shiny phones..
And another cookie please ,that will also allow us the option of setting the new , hyper-saturated red to go back to something less retina obliterating ..?
In otherwords give us the option ..via cookies ..to put el reg back like it was ..before you lose at least one reader ..and probably anyone else who doesn't want zombie phones and dayglo red webpages on a tech site.
You have those cookies ? ..great I'll take two..
Given the current lack of enforcement for the DPA (yeah, I know there are now fines but I'll believe it when I see it), I can't see this affecting anyone but a few unlucky 'examples'.
I gave up on bothering to comply with with most govt regulation apart from tax (which they do enforce with teeth) and health & safety (ditto) decades ago..... it's saved me a fortune.
I'm more worried about US compliance than EU. FTC do have some real teeth.
Will wait and see - browsers will probably deal with this in a couple of versions.