Gallery 2 and the new cookie law

andymedia

Joined: 2009-01-02
Posts: 88
Posted: Tue, 2012-05-29 09:34

Hi i was wondering if anyone can help me on this matter.

"From 26th May 2012 all UK websites must obtain consent from visitors for the use of cookies and other tracking technologies."

I was wondering if Gallery2 used cookies what sort of cookie is it? and if there anything to obtain conset from vistors? What happens if the members dont conset for cookies?

 
suprsidr
suprsidr's picture

Joined: 2005-04-17
Posts: 8339
Posted: Tue, 2012-05-29 11:56
 
andymedia

Joined: 2009-01-02
Posts: 88
Posted: Tue, 2012-05-29 13:21

Oh right, what information is store in the session cookie? Will i have to get consent from the view from the customer to view the site? Does the site work without cookies?

 
suprsidr
suprsidr's picture

Joined: 2005-04-17
Posts: 8339
Posted: Tue, 2012-05-29 13:37

You won't need consent.
Session cookie only stores GALLERYSID with a value like: c13010f2af5d997a07a82e195a43c583 and it is only to keep users logged in, not to track them.
Some other modules like the tree menu will use a cookie to remember which tree node is open... again not to track anybody.

w/out the cookie users cannot stay logged in.

-s
FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

 
andymedia

Joined: 2009-01-02
Posts: 88
Posted: Tue, 2012-05-29 13:46

so a cookie is only used when you logged in but if you view the site without logging in no cookies will be stored is this correct?

Thanks for the help on this matter

 
suprsidr
suprsidr's picture

Joined: 2005-04-17
Posts: 8339
Posted: Tue, 2012-05-29 13:54

Gallery creates a temp session for anonymous users no cookie ie. GALLERYSID=TMP_SESSION_ID_DI_NOISSES_PMT

-s
FlashYourWeb and Your Gallery with The E2 XML Media Player for Gallery2

 
andymedia

Joined: 2009-01-02
Posts: 88
Posted: Tue, 2012-05-29 14:08

Cool many thanks for that and it helps me to understand better

 
Dayo

Joined: 2005-11-04
Posts: 1642
Posted: Tue, 2012-05-29 19:27

The cookie law, which made little sense as originally configured, is indeed now in effect. However, 48 hours before it kicked in, it was watered down to exclude conditions that suggest "implied consent".

Logging into your site implies consent to use a cookie to determine that the person is logged in as this is more or less the only way to do this.

Beyond this, the law was actually targeting tracking cookies used for advertising and not functional cookie used to make a site function as required. Again, a login cookie falls into the latter category.

In summary, the law has been amended (in the UK, other EU countries may vary) and in any case, the way G2 uses cookies did not go against the law to start with.

On the consent issue, explicit consent in the form of some sort of popup gets rid of any need to interpret. Implied consent on log in situation can be strengthened by putting text next to the login button saying "Uses Cookies" or similar.

You may want to consult your lawyer if you want to be absolutely sure where you stand.

--
dakanji.com