[TYPO3-core] Cookie-Handling according to EU-law.

Jigal van Hemert jigal.van.hemert at typo3.org
Tue Aug 14 16:44:39 CEST 2012 

Hi,

On 14-8-2012 15:14, Georg Ringer wrote:
> IMO it is not yet clear how it should be really handled correctly ..
> session cookies and so on.
> you can disable cookie completly in install tool - TYPO3 is ready :D

It's not as simple as that.

There is a European "guideline" (a European law which must be 
implemented by each member state) which unfortunately is interpreted 
slightly different in various countries.
The rules are not only about cookies, but about storing personal 
information on the client computer. This applies to cookies, flash 
cookies, HTML5 local storage, etc.

A website which is targeted at an audience from a country must follow 
the laws in that country.

AFAIK there are three different variations:

- information; it's enough to inform the visitor and explain how he can 
disable cookies himself
- opt out; besides information about which information is stored on the 
client computer there must be a way for a visitor to disable the storage 
of information
- opt in; besides information about which information is stored on the 
client computer, the website can only store personal information on the 
client computer after the explicit consent of the visitor

Information which is absolutely vital for the service that the website 
offers may be stored without approval:
- cookie necessary to operate a webshop: allowed
- cookie for statistics: not allowed

The core may or may not supply a full solution, but at least some basic 
infrastructure is possible:
- a configurable [1] cookie [2] to store the visitors choice
- a TS condition which uses the value of this cookie

[1] it is allowed to store this choice in a cookie (which is considered 
vital for the service)
[2] (part of ) the name must be configurable, because if the type or 
amount of personal information which is stored is changed the consent 
which was given is not valid anymore


-- 
Jigal van Hemert
TYPO3 Core Team member

TYPO3 .... inspiring people to share!
Get involved: typo3.org

More information about the TYPO3-team-core mailing list