new cookie law requirement YES/NO selection

Hi,
could You please post some evidence of this (news/discussions), so that i can study it? (example: what do do if user clicks “no”,…)

Regards

Have a look here:
https://www.itgovernance.eu/blog/en/how-the-gdpr-affects-cookie-policies/

you will find here a German description here:
https://www.e-recht24.de/artikel/datenschutz/8451-hinweispflicht-fuer-cookies.html

I‘m not sure what is to do after if a user a clicks of ?No“

I think I managed to be GDPR compliant with the EU cookie law plugin.

Cookies are only loaded when the user accepts cookies. I use this php function in functions.php in a child theme:

if ( !function_exists(‘cookie_accepted’) || cookie_accepted() ) {
// load google tag manager code
}

Please note that I modified the code. I want cookies to load when I disable the plugin.

As long as cookies are not accepted, they are not loaded. But the user still can use the site. No consent, no cookies. That’s what necessary to be GDPR compliant.

I also have an opt-out available after the user accepts cookies using the shortcode [cookie-control] on a page available in the footer menu. That’s also necessary to be GDPR compliant.

I think that’s all that is necessary. I hope I am right… ??

I’m working on the compliance but i cannot find very clear rules.

I just quote @rfmcomposer: if you block cookies and disable scroll + navigation consent, the “Accept” button is an active action that the user should make.

Also, the [cookie-control] should be placed in your cookie page, and it’s better to make the link accessibile from every page so that the user can check/revoke the decision made.

As regards the need of tracking consent i admit i have to study more: is the banner click enough to collect another data (IP) ?

@rfmcomposer, i really find your snippet savyy and logic!

@milmor, glad to hear you like my code ??

Here I suggested another code change:

https://www.ads-software.com/support/topic/auto-block-doesnt-work-fix/

I agree the rules about cookies are not very clear. I just wrote a lengthy blog article about GDPR, but unfortunately for you it is in Dutch…

Summary: functional cookies and some analytic cookies (anonymous + data not shared) can be used without consent. For non-anonymous analytics (where IP addresses are visible) and tracking cookies (like cookies placed by the Facebook pixel, Youtube embeds, …) consent must be given.

So it must be possible to block Youtube embeds and the Facebook pixel while still placing the Google Analytics cookies (with anonymize).

I didn’t read that a no button is necessary. What I did read:
*) consent must be given for some cookies (as described above)
*) the website must be visible also without accepting cookies
*) consent is for 12 months
*) consent must be revokable

Wouter

@rfmcomposer
You had a good idea, but I did not understand what you put in the function you put in the child-theme

@pakino In function.php you add the script code you want to block.

In my case:

function my_google_tag_code() {
if ( !function_exists('cookie_accepted') || cookie_accepted() ) {
?>
<!-- Google Tag Manager -->
...
<!-- End Google Tag Manager -->
<?php
}
}
add_action("...", "my_google_tag_code");

To further add to this and clarify – explicit consent is are required for GDPR / ePR (or soon will be) – so the following need to be in place to be compliant.

1) Visitor should be able to say “no” and the banner goes away with cookies left disabled (can “agree/accept” later on via [cookie-control] shortcode so that is fine).

2) If cookies are accepted that consent needs to be recorded somewhere – things like -> username if a logged in user, IP address, date / time etc. Internally in the WP DB is fine.

3) Whilst consent is not required for “essential” cookies, other types should be selectable- that is, Preferences, Marketing and Statistics cookies. So the banner should allow for those to be selected (and an option to be able to change those selections at any time). The backend would then need to allow for any cookie scripts to be tagged by in some way so the plugin will be able to enable / disable as dictated by the visitor. This will be required at some point in GDPR.

I agree with @adz111
The biggest problem for me is that there is no option to say no. You have to agree in order to get rid of the banner. This is not allowed for sure.

Can you please let know if there will be an update?

• This reply was modified 6 years, 7 months ago by Seeders internet marketing.

ironically you have to set a cookie to the user that DO NOT accept… but can be an “allowed” cookie!

—
I think the browser should manage this stupid law, not the sites or developers, it would be more logic and consistent…

I think it would be nice to keep your overlay as cookies enabled and a button to disable
I added to the gdpr framework plugins “privacy tool” page your shortcode
Also does it delete the cookie it generated ?

Add me to the potential users interested in a GDPR update. For the developers, follow Cookiebot as a reference.

Lots of misinformation in this thread.

until there is a new e-privacy regulation, PECR is in effect.
All that GDPR has done is up the ante on what consent means – which when combined with PECR means that a cookie solution needs to:
1. Not load scripts until there is consent.
2. Consent need not be granular (cookiebot is over-the-top).
3. Consent can be continuing to use the site, or scrolling, as per the guidance on PECR.

The easiest solution would be adding a text box to the plugin for scripts to load after consent (instead of blocking).

Hi folks,

No offence intended, but this discussion has been going on for 30 days now, and the GDPR comes into effect in 10 days time.

Is this plugin going to be updated in the next 10 days? If not many of us need to do something about it right now. We can’t wait until 1 or 2 days before the law comes into effect.

Just as an alternative… we found https://borlabs.io/borlabs-cookie/ to be very reliable and customizable. We had less trouble with scripts belonging to our homepage and stopped working before.