Jump to content

European Union cookie law. Yes another topic!


Michel_72

Recommended Posts

  • Replies 176
  • Created
  • Last Reply

If you read this entire topic you will see why we don't. Even since this topic has been around the laws have changed. I think it shows our reasoning clearly.

Hey Charles, i read the whole thing, i simply disagree with your reasons.

Sure, the laws here change maybe more often than elsewhere, but that's the situation we have. We have law changes EU-wide for online related matters every other month. A company who's interested in the european market keeps up with that, others don't.

Link to comment
Share on other sites

Hey Charles, i read the whole thing, i simply disagree with your reasons.

Sure, the laws here change maybe more often than elsewhere, but that's the situation we have. We have law changes EU-wide for online related matters every other month. A company who's interested in the european market keeps up with that, others don't.

Thing is each country can have a different law and IPB as a software can't keep up with different laws.

It is website owners responsibility to make sure his website follows the rules his company/website operates at.

As a customer whose company is within EU , i prefer IPB to focus on software developing . They should not dedicate any resources to track different law requirements all around the world, doing that will be counter productive.

Link to comment
Share on other sites

  • 5 months later...

Not a lawyer just logical thinking

Its kind of like the US export regulations (encryption)

Certain software created in the US may not be sold/used in certain countries, anyone who has access to this software can be held responsible for this. If for example I (in the netherlands) obtain a copy of some encryption library created in the US that is restricted and I decide to ship this (or provide access) to a US Hostile country, I (eventhough I'm not in the US) and in turn the party who provided me the library in the first place can both be held responsible and fined.

Folowing the same logic

IPS should take the maximum effort to comply with the regulations or disallow the usage of their products in the EU without proper implementation of cookie confirmation by the (let's call it) retailer.

Not having read the terms of use I would expect that some sort of statement like

"This software may not be used in certain countries without modification, depending on the country where the software is used additional restrictions may aply, it is the responsibility of the retailer to implement or comply with such restrictions, withouth these required modifications usage is prohibited"

is in there?

Link to comment
Share on other sites

  • 1 year later...

I researched this article because from june 2015 in Italy a site will receive a € 120,000 fine if is not comply with EU Cookie Law 

Be honestly, I can not understand how one can speak for 5 pages if IPS should or should not or not to add this feature to its products as it is based in the USA rather than in EU.

If I was a business company and if some of my clients require for their market some extra change to one of my products I would do it and I would sell them.

Of course they will pay extra for this modification. Since I live producing and selling software this is for me a great business opportunity.

My only question would be if I will produce an already changed version of my software or sell them just a plugin, but it certainly would sell them what they ask for.

But as I said if I was a business company I will just care to earn money instead of talking whether or not my market is in USA rather than in EU.

Link to comment
Share on other sites

There are a handful of websites that allow you to add consent with just a few lines of JS code which you can add into your IPB templates, like this one: http://sitebeam.net/cookieconsent/code/

​Hey Matt,

thanks for the input, but that's beside the point of the law here. In order to even allow a specific software for a project many companies actually require the use of a software that is compliant with EU-law. When working for the government or any company that uses public funds this is mandatory as well. I cannot offer and sell your product if it isn't compiant with EU law natively.

We get a functional spec documents that, for the most parts, requires:

  • Software that is compliant with EU data protection laws consisting of
    • the cookie thing
    • an assurance that the software does NOT transfer data outside of the EU (another unadressed problem because of the license activation thingy)
    • Upholds the EU data encryption and protection standards for data that is considerd "personal" (Any data linked to a personal account)
  • Assurance that data hosting is within the EU
  • Assurance that no data in general is being transfered outside of the EU (could be a problem when you do support)

I agree that it would be unresonable to ask for compliance with every single country on earth, but EU-laws are applicable and mandatory for ALL european countries as a common denominator. BTW: that are more potentional customers than in the EU (500 Million People in the EU vs. 320 Million in the US)

Data protection laws stemming from the EU-laws are the same in each and every eu country. The only difference are the fines and legal consequences for each country. Having that 120k fine in Italy is just one example. Germany offers a fine up to 50.000 Euro for "smaller stuff" and a swooping 300k fine for the bigger things. Even jail is on the table here.

Also, running a company website that does not comply with EU data privacy laws enables other companies to claim a violation agains a competition rule agains you via a so called "abmahnung", basically a legal letter that includes a fine, usually in the high thousands.

If it's so simply to add that functionality to your software, please do so natively :)

THanks!

Link to comment
Share on other sites

I've not looked recently to see if the law has been adjusted... But as of last year, it was applied differently for every single EU county.  The EU cookie law you speak of was applied as a simple directive that was given to the countries for them to apply how the saw fit.  Each applied the directive differently.  

You're asking for a one size fits all solution that may simply not exist.  It's up to you to ensure the software you're using complies with your countries applicable laws.  

Link to comment
Share on other sites

Right, it's up to the website owner to fit the laws. But it would be nice to have a solution integrated in the software that we use. So we have the possibility to chose the right one inside the software and don't need third-party tools. And the example from Matt shows that different needs could of course be handled.

Link to comment
Share on other sites

I've not looked recently to see if the law has been adjusted... But as of last year, it was applied differently for every single EU county.  The EU cookie law you speak of was applied as a simple directive that was given to the countries for them to apply how the saw fit.  Each applied the directive differently.  

You're asking for a one size fits all solution that may simply not exist.  It's up to you to ensure the software you're using complies with your countries applicable laws.  

​You seem to miss a very important detail: the so called "e Privacy directive" is a comprehensive document that specifies requirements in terms of data protection.

(See http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:en:HTML for more info)

While this directive itself is actually not a  binding law, any law that emerges from this directive has to take into account the requirements the directive dictates. Therefor laws in the EU countries may be different in wording and fines but at the core and meaning are the very same.

The only problem with the directive is Article 5 (3,) as it is somewhat vague. With the exception of Finnland and Portugal who decided that a "Opt-Out" for cookies is enough, all other countries are enforcing a law that requires an active "Opt-in" for cookies. Also EU law regulates that any directive that is not a local country based law in time, automatically becomes a law for that country. (An image of an angle becomes an angle, for the doctor who fans out there...)

Long story short: as long as the functionality is not included natively and invisionpower makes a statement about data protection confirmity according to eu law the software is unuseable for most of the companies in the EU. I recently was denied a contract due to this by a german city because their data protection advisor woudln't allow it. It was irrelevant that we would have been able to add this functionality by ourselves.

There are two things companies tend to ask for

  • A well known system with a non-encrypted source code in a common language
  • data privacy compliance

I've actually tried to sell the Invoisionpower Solution branded under a different name aka "my super cool german cms" but that fell through as well, cause no one knows that specific system and there are no other companies that use it. With invisionpower software itself i do not have problems in that regard as there are many well known companies that use the IP board. But then again I fail with the data privacy stuff...

Link to comment
Share on other sites

IPS is hesitant to jump into that whole EU legal jungle. I can understand that. Once you do it, you have to do it right – and then it gets very complicated, time-consuming and in turn expensive. 

But then again: I consider IPS the current leader in this software segment, and so, if anyone should be able to do it, it should be IPS. So hopefully, one of the 4.x releases can focus on getting the whole software suite EU ready. It’s not rocket science. The European software companies and social network providers all manage it somehow. 

Link to comment
Share on other sites

Right, it's up to the website owner to fit the laws. But it would be nice to have a solution integrated in the software that we use. So we have the possibility to chose the right one inside the software and don't need third-party tools. And the example from Matt shows that different needs could of course be handled.

​An inbuilt option of a blank box which we fill in ourselves would suffice, no?

It is upto administrators to ensure their site meets the required laws of their country, not a software developer. No need for IPS to get involved in the legalise minefield, just an option of a customised message prompt would suffice?

Link to comment
Share on other sites

IPS is hesitant to jump into that whole EU legal jungle. I can understand that. Once you do it, you have to do it right – and then it gets very complicated, time-consuming and in turn expensive. 

But then again: I consider IPS the current leader in this software segment, and so, if anyone should be able to do it, it should be IPS. So hopefully, one of the 4.x releases can focus on getting the whole software suite EU ready. It’s not rocket science. The European software companies and social network providers all manage it somehow. 

​I absolutely agree. As I wrote back in 2013: If Invisionpower wants the European Market they should and have to make that effort. Simple as that.

Link to comment
Share on other sites

​I absolutely agree. As I wrote back in 2013: If Invisionpower wants the European Market they should and have to make that effort. Simple as that.

​The "European Market" does not hinge on a single cookie prompt.

My problem is, I have no idea how IPS uses cookies anyway, is this documented anywhere?

Link to comment
Share on other sites

I looked at this a few years ago when it became an issue. I'm British, but I live in Thailand and my server is in Singapore. So, I shrugged my shoulders I decided to ignore it, and wish Europeans all the best with their schizophrenic social controls.

That may not be the right attitude but I'm a closet anarchist.

Link to comment
Share on other sites

I am from the EU, but i feel this law sucks. Perhaps 99% of the sites use cookies. But ok, we have to respect the law... it would be nice if IPS had it as an option.

Hey, I am all with you on that, I think it's preposterous...

I looked at this a few years ago when it became an issue. I'm British, but I live in Thailand and my server is in Singapore. So, I shrugged my shoulders I decided to ignore it, and wish Europeans all the best with their schizophrenic social controls.

That may not be the right attitude but I'm a closet anarchist.

​Then I guess you are not dependant on customers within the EU that care about this kind of stuff... ;-)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...