[Building Sakai] EU Cookie Disclosure

Raad Al-Rawi Raad.Al-Rawi at admin.cam.ac.uk
Thu Mar 29 07:14:16 PDT 2012 

That's an interesting point.

We're still cogitating our position, but one of our senior lecturers in Computer Science was of the opinion that the new law is targeted at ad tracking, rather than login services; and that OpenID/Shibb-style services should be exempt because they use non-persistent cookies that are strictly necessary for providing the service.
I don't know if that point applies to the standard Sakai login/other cookies though.

Raad


From: sakai-dev-bounces at collab.sakaiproject.org [mailto:sakai-dev-bounces at collab.sakaiproject.org] On Behalf Of Matthew Jones
Sent: 27 March 2012 17:59
To: Feliz Gouveia
Cc: John Fontaine; dev sakai
Subject: Re: [Building Sakai] EU Cookie Disclosure

I agree, I read it as if the cookie is used by a subscriber of the service to store data necessary for use of the service, then it doesn't have to be disclosed.

If the cookie is optional and placed there to enhance the experience or to track activity, then consent is expected to be granted first.

Really this seems like it should be the up to the browser rather than every website in the world to implement.

As far as Sakai, I don't think there's any unnecessary cookies that are used, just the the one for the session-id.
On Tue, Mar 27, 2012 at 12:28 PM, Feliz Gouveia <fribeiro at ufp.edu.pt<mailto:fribeiro at ufp.edu.pt>> wrote:
wouldn't the following exemption apply to Universities and other
content providers?

"The Regulations specify that service providers should not have to
provide the information and obtain consent where that device is to be
used:
(...)
- where such storage or access is strictly necessary to provide an
information society service requested by the subscriber or user. "

Feliz

On 27 March 2012 16:57, csev <csev at umich.edu<mailto:csev at umich.edu>> wrote:
> Is anyone having issues with the new EU Cookie guide?   I am surprised this
> has not come up on the list so far.
>
> I am wondering if this is painful enough to get it into 2.9, back-port it,
> etc etc?
>
> Here is the summary from John Fontaine based on his research:
>
> http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx
>
> Basically it means that applications like Sakai must disclose to end users
> that we are using cookies and obtain their consent to the cookies (ideally
> prior to setting the cookie, but can be concurrent with the cookie being set
> if the cookie is strictly necessary for application functioning).   This
> disclosure and consent can't be reliant on the web browser preferences, but
> must be stated clearly.  An information page should also be provided
> detailing all the cookies set by the application, any third party cookies
> (e.g. Google analytics, youtube flash cookies) and any applications
> installed on the end users "terminal device" (computer, smartphone, etc).
>  This page should describe the item installed (cookie, etc), how it is used
> and what personal information might be exposed.  The user should be
> presented with an "opt-in" chekcbox" that tracks that they have agreed to
> the cookie's being installed (which can ironically use a cookie to track
> this setting).
>
> I am happy to figure out a place in login or in /portal to put this if
> people are getting pressure.
>
> /Chuck
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org<mailto:sakai-dev at collab.sakaiproject.org>
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org<mailto:sakai-dev-unsubscribe at collab.sakaiproject.org>
> with a subject of "unsubscribe"



--
Feliz Ribeiro Gouveia

Universidade Fernando Pessoa            http://www.ufp.pt
Centro de Recursos Multimediaticos      Tel 351-22.507.13.06
M.I.N.D. Lab                            Fax 351-22.550.82.69
Pr 9 de Abril 349                       fribeiro at ufp.edu.pt<mailto:fribeiro at ufp.edu.pt>
P-4249-004 Porto
_______________________________________________
sakai-dev mailing list
sakai-dev at collab.sakaiproject.org<mailto:sakai-dev at collab.sakaiproject.org>
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev

TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org<mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a subject of "unsubscribe"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20120329/41d2de15/attachment.html

More information about the sakai-dev mailing list