Wedge

You have said a lot of things, however in reply to me you have only told me that this is a EU law (fair enough, this is not really something to think about, I'll save that for one of my anti-EU-rants), that the plugin architecture of Wedge will not allow this (fine, if there's no way around it there's nothing to discuss about this, unless you want me to comment on the plugin architecture, something I am not competent to do) and asked me if I will be so "brave" as to ignore this, something I will, for the reasons live627 state above, and because this kind of stuff gets me annoyed. As for the rest of your posts, I did not assume they were directed at me. I may however take a moment tomorrow if I have time to scour over them and reply, but for now I only read your one post.

Let's see.

1. It is an EU law, yes. It is likely to be implemented in a similar fashion in the US.

2. The plugin architecture makes this awkward but not impossible to deal with.

3. There are a very large number of related matters. Even if this law does not affect you, it is still good practice to review the state of play and actually be at least partly compliant, in at least as much as reviewing what cookies the site uses and being able to justify those to users. Are you saying that you are not accountable for the software your site runs? Are you saying that you do not care about the privacy of your users?

While I dislike the way such implications can be thrown about, it is something that should be considered, whether you are required to comply by law or not. What cookies does your site issue? Do you need them? Are you actively, passively or secretly analysing your users? Are you allowing that data to be shared with third parties deliberately or accidentally?

These are things that reviewing the site and its software would bring. You as a site owner are responsible for what your site does, burying your head in the sand to these issues does not absolve you of that responsibility.

Just because you may not be subject to a law trying to protect privacy, does not mean you shouldn't try to protect their privacy!Who has a vested interest in DNT not being implemented? Who has a browser that does not support DNT as set out in the specification at this time? Who is also a member of the W3C? (The answer is one and the same, and it isn't Microsoft.)

Oh, don't get me wrong, I'm well aware that the whole implementation of the cookie law is farcical. But it's making site developers go back and think about the cookies that are required and consider whether that feature is necessary. For me, that's a huge deal, because it's encouraging developers to take some responsibility - and it's making site owners do the same, which is a great thing, even if for the wrong reasons.It doesn't. But informing users of how their information is being used can do because it gives them the power to understand what their data is being used. I just wish it were more driven by site owners wanting to take that responsibility without having to be strong-armed into it in any fashion.This is actually why I railed about people not reading the laws as written and relying on third party reporting on the subject. The laws are about making site owners review their software and making a judgement about things. It starts by asking 'do you need to track anything' rather than presuming that tracking is actually required.

Even a session cookie is not really required, except for analytical purposes. But would anyone think about that aspect without a review like this being put under peoples' noses?

Apart from the fact that the ICO considers SMF's (and Wedge's) cookies beyond what is reasonable, (putting aside the privacy implications of Who's Online) the fact that the registration agreement is only barely acceptable and that in the UK, officially forum owners are actually supposed to register with the ICO for being data controllers... yes, apart from those tiny details, it's fine.

Go back and read the letter I sent them and their response. Even though I actually pointed out to them that SMF's default registration agreement does mention cookies.

Oh, and SMF's registration agreement etc. definitely does not extend to the likes of Google Analytics, which are so far beyond what is acceptable without work that it isn't even funny.

Yes, they can. But the majority don't bother. So, moot point...?

I don't mind having to think about privacy and I think it's a good thing that people do, but saying that this makes people think about privacy is like making police wear pink suits for people to think about police more, but only if the police are outside the police station (A solution that strikes way more police than it probably should, just like this law strikes way more sites than it should). It's just not a good approach. The thought behind it is good. I don't mind the govt having a snoop around those pesky Facebook "Like" buttons that track you whether or not you utilize them, but when they start punishing hobbyists like me who are acting in good faith, that's just silly and makes me want to kneejerk at them, something I probably will.

Oh, yes. It's been discussed at SMF that the 'hide online' doesn't hide last online time for users, this is an extension of the same idea.

There is still an issue, though, regardless of whether hide online is enabled or not - it's still logged as to what they're doing and it's still shown to admins, so even if 'hide online' is on, it's not hidden from admins. Whether that's a privacy issue is also questionable, of course.I know that. But can you imagine anything else that's going to get any number of sites to actually consider what they're doing about privacy? Sites have shown more than once that they don't care - and if there's no penalty to being lax, they'll keep doing it. This law, however badly implemented, is at least understanding that privacy is being eroded in favour of companies who want to monetise you. And it IS getting sites to consider how they're doing things, the fact that we're having this debate is proof of that.Yup. I take much the same view, but I can also argue about my cookies because I know what all of them do ;)That is also the same understanding I have, though you'll note the reply from the ICO is a bit vague on that point.Yay, more legislation from lawmakers who don't understand the workings of the law. For example, the recent ruling in favour of the lady who was bullied on Facebook. What are the odds the people who were bullying were feeding FB fake data?