http://www.theregister.co.uk/2012/04/05/eprivacy_directive_web_analytics/
For those who haven't been following it, essentially this is about cookies and that cookies not being used for 'essential functionality' need to be obtaining permission from the user first.
I'm not quite sure how the hell they intend this to be enforced, but the fact is that site operators in the UK do need to bear this in mind, and any European operator should at least be mindful since it is planned to be rolled out across the EU in some fashion.
Interestingly this was raised some time ago on sm.org, about whether SMF would consider it and I was less than enthused at the response there (since it is a valid matter of concern, just not for them, of course)
The question for us is whether the cookie in Wedge is considered an essential function or not. I'm ignoring the fact that we could just ignore cookies and push the SID via the URL of course, which would be an incredibly bad move, and as far as I'm concerned, I can satisfactorily argue the use of cookies for members as essential functionality - for the security aspect alone.
For guests the matter is a lot more complicated. The cookie there is still the session identifier, but for guests the purpose is merely to indicate uniqueness of session, as a vague form of analytics to figure out how many users are currently on the site (as entirely unique sessions will not do this)
I find the whole concept a bit ridiculous, actually, because as I said you could ignore cookies entirely and still pass all the data between pages internally - but it does essentially exclude Google Analytics, which is of course the point.
This last point does bother me, actually. Firstly, I don't know how it's going to work if I make a plugin of GA, because I don't think it will really pass their rules, and that I'm subject to these rules. Secondly, I have the uncomfortable feeling we're going to start seeing sites that actively demand GA to be running to work, or that they'll run their own full-on analytics.
For those who haven't been following it, essentially this is about cookies and that cookies not being used for 'essential functionality' need to be obtaining permission from the user first.
I'm not quite sure how the hell they intend this to be enforced, but the fact is that site operators in the UK do need to bear this in mind, and any European operator should at least be mindful since it is planned to be rolled out across the EU in some fashion.
Interestingly this was raised some time ago on sm.org, about whether SMF would consider it and I was less than enthused at the response there (since it is a valid matter of concern, just not for them, of course)
The question for us is whether the cookie in Wedge is considered an essential function or not. I'm ignoring the fact that we could just ignore cookies and push the SID via the URL of course, which would be an incredibly bad move, and as far as I'm concerned, I can satisfactorily argue the use of cookies for members as essential functionality - for the security aspect alone.
For guests the matter is a lot more complicated. The cookie there is still the session identifier, but for guests the purpose is merely to indicate uniqueness of session, as a vague form of analytics to figure out how many users are currently on the site (as entirely unique sessions will not do this)
I find the whole concept a bit ridiculous, actually, because as I said you could ignore cookies entirely and still pass all the data between pages internally - but it does essentially exclude Google Analytics, which is of course the point.
This last point does bother me, actually. Firstly, I don't know how it's going to work if I make a plugin of GA, because I don't think it will really pass their rules, and that I'm subject to these rules. Secondly, I have the uncomfortable feeling we're going to start seeing sites that actively demand GA to be running to work, or that they'll run their own full-on analytics.