13 {{ upvoteCount | shortNum }}
13 {{ upvoteCount | shortNum }}

EU Cookie Law - how to conduct an audit?

by HypnoHugh
10 replies
With the deadline for complying with the EU Cookie directive approaching - 25th May 2012, a client of mine has asked me to conduct a cookie audit of the wordpress sites that I have built for them.

In case you're not aware, all EU websites are supposed to ask visitors to opt in to receive cookies and have full disclosure of what cookies they use and for what purpose.

I've found a website EU Cookie Law - Legislation, Analytics & Firefox Plugin that allows you to install a plugin which collects the cookies as you use the site.

However, the problem I'm having is working out what features trigger what cookies. Many are third party cookies - I guess from things like Facebook and Twitter features.

Has anyone got any ideas on how to conduct a thorough audit or work out if various Wordpress plugins leave cookies?

Also anyone found any good solutions to cookie dilemma?

My client is a law publisher so they feel obliged to make an effort!

Hugh
#audit #conduct #cookie #law
  • Profile picture of the author JDIZM
    First I've heard of this. I guess I am a little slow. Thanks for the website link. Will have a read up
    {{ DiscussionBoard.errors[5665189].message }}
  • Profile picture of the author HypnoHugh
    You can find more info on the ICO website together with an example of their proposed solution - the ugly opt-in box at the top of the page.

    Privacy and Electronic Communications Regulations - ICO
    {{ DiscussionBoard.errors[5665213].message }}
    • Profile picture of the author kjr
      Have you installed the plugin? If so, how long does it take from visiting a site for the data to appear on the Cookie Law website?
      Signature

      Home Based Money Makers - Free Home Business Tips Newsletter.

      {{ DiscussionBoard.errors[5668608].message }}
      • Profile picture of the author HypnoHugh
        It varies often you start to get results straight away, but some cookies appeared a little later.

        I've found it works best using Google Chrome - I couldn't get Firefox to work.
        {{ DiscussionBoard.errors[5669844].message }}
        • Profile picture of the author kjr
          I had tried it in Firefox, but nothing seemed to be happening. I will give it a go in Chrome and see if I can get results from that route. Thanks.
          Signature

          Home Based Money Makers - Free Home Business Tips Newsletter.

          {{ DiscussionBoard.errors[5671188].message }}
          • Profile picture of the author HypnoHugh
            Originally Posted by kjr View Post

            I had tried it in Firefox, but nothing seemed to be happening. I will give it a go in Chrome and see if I can get results from that route. Thanks.
            Yes i had the same problem - Chrome should work fine.
            {{ DiscussionBoard.errors[5673059].message }}
            • Profile picture of the author marksteven
              Another extension is View Cookies for Firefox:

              bitstorm.org/extensions/view-cookies

              Works fine.

              There's another one by our colleagues over at Attacat here:

              attacat.co.uk/resources/cookies

              With these tools you just need to walk through your site, interacting with it and checking for cookies as you go.

              Once you've done this you should consider deploying a notification / consent solution like Cookie Control:

              civicuk.com/cookie-law
              {{ DiscussionBoard.errors[5711667].message }}
              • Profile picture of the author a-harvey
                Doing a manual audit takes a lot of time and you have to click every link on the site. This isn't practical on a large site and you really need to get a computer audit done.

                The problem is that the cost for most audits are quite high and when you have them you still have to create a policy and some implementation of pointing the customer to the site.

                We have just developed a system and the cost is very low, it includes an audit,banner, and policy so a full solution. You can check it out at ukcookieslaw.co.uk
                {{ DiscussionBoard.errors[6587504].message }}
  • Profile picture of the author BudaBrit
    There's still confusion about this.

    How does this affect, for example, Google Analytics use? Is it better just to remove it? Or is there something I can do to make it easier?

    Surely the Facebook and Twitter, etc., cookies are from Facebook/Twitter, not you, so you don't need to tell about them - only the ones you are collecting yourself - analytics, etc.
    {{ DiscussionBoard.errors[6587799].message }}
  • Profile picture of the author a-harvey
    Hi Buda,

    You can wrap the Analytics so it doesn't collect any data unless the client agrees - No I don't think you need to remove it, what you have to do though is explain to your site visitors that you are using these tools and they are dropping cookies and they can be removed by doing x and y.

    If the cookie is being dropped by someone clicking a link on your site for say Facebook like then yes you do as you have to explain that they are third party cookies that you are dropping and where they can go and read about say Facebook's privacy policy etc.

    You need to get a proper Audit done so you know what you and third party links are doing, you cannot just use web developer tool in firefox and hit cookies and get them all as some will only drop when you hit the link.

    The same is true for video content although there is privacy enhanced versions of links.

    You can also create static links that don't drop the cookies its all in our ebook.

    Regards
    Andrew
    {{ DiscussionBoard.errors[6622717].message }}

Trending Topics