We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Cookie Consent Module exceptions - specifically Cartthrob

June 21, 2012 5:26am

Subscribe [3]

  • #1 / Jun 21, 2012 5:26am

    Jamie Blacker

    3 posts

    Hi, I’m working on an eCommerce site using Cartthrob.  Being based on the EU the Cookie Consent Module seems like a perfect solution, but as far as I can tell it’s an all or nothing situation.

    Under the law, any cookies for strictly functional purposes do not need to be consented.  Cartthrob uses a cookie for a persistent session, which clearly falls into this category. For this, I’d like to whitelist a few cookies and block the rest.

    On top of this, the law allows for “implied consent”, so ideally I’d like to accept certain cookies by default, and then use the cookie consent module to delete these if the user wants.

    So basically I’m asking
    1) Is there any way you can whitelist specific cookies and block the rest?
    2) Is there a way to accept cookies by default and only delete if the user wants?

    Cheers,
    Jamie

  • #2 / Jun 22, 2012 1:06pm

    Dan Decker

    7338 posts

    Hi Jamie,

    Thank you for your post on the Forums and Welcome!

    As you have realized, the Cookie Consent Module was developed to provide our European users with a means to be compliant with the law, but it in no way intended to cover all the bases. It is currently an all-or-none scenario.

    However, the CCM was developed as one concept of how this could be handled. More importantly, ExpressionEngine 2.5 brought development hooks that would allow developers to deal with cookie needs in a custom way as well.

    I’m sorry for the limitations in the first-party option, and I invite you to make a Feature Request for the items you would like to see.

    Cheers,

  • #3 / Jun 23, 2012 12:05pm

    Rob Allen

    3105 posts

    Jamie - as the ICO has now suggested implied consent is an acceptable approach, and you’re running an Ecommerce site, I’d say it’s acceptable to go with implied consent as default. Give the user a method to opt out but state that the site (cart) won’t work without cookies. This is an approach we’re going to take with an EE/CT site we’re just starting.

    The ICO has stated that if you’ve taken a pro-active approach and done something then they’re unlikely to follow through anyway.

  • #4 / Jun 26, 2012 10:42am

    Jamie Blacker

    3 posts

    Dan, thanks for getting back to me - the cookie consent is handy on most sites, but it certainly would be dramatically improved with a few changes.  I’ll submit a request as you’ve suggested, depending on timing I might have to see if I can

    Rob - For the time being this is pretty much the route I’ve taken, but as far as I can tell, to turn off the cookie blocking in the first place you have to submit a form or follow a link.  I currently have cookies blocked, and then allow them with a hidden field when a product is added to the basket.  Do you know of a way to allow them until clear all is clicked?

  • #5 / Jun 28, 2012 6:44pm

    Dan Decker

    7338 posts

    Hi Jamie,

    I’m going to move this over into Community Help so you and Rob can keep the discussion going.

    Being on this side of the pond, I really have no meaningful input or insight into implementation regarding the Cookie law, other than it sounds onerous on all accounts.

    Cheers!

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register