I rather like the way the John Gray Centre (
http://www.johngraycentre.org/) have done it - an unobtrusive but
inviting little icon that takes you to a simple yet comprehensive
explanation (with optional biscuit recipes thrown in) and goes away once
you accept.
Kate
On 03/14/12 10:13, Jeremy Ottevanger wrote:
> Hi James.
>
> That looks very much like what I was planning on implementing here, albeit more attractive that what I had in mind! That is, some cookies are set when a user arrives (Suffolk's site does this), because otherwise our Analytics is broken before we begin, and then inform people how to opt out by using their browser settings. The site launches with the overlay open so it's obvious, and it will keep on showing you the overlay unless you explicitly say that you're happy with cookies (this does indeed set a first-party cookie called civicAllowCookies, and another called civicShowCookieIcon). I don't see anything in the directive that requires us to build our own mechanism for opting out, only that we must give a clear and prominent explanation of what we do with cookies, what they are and how to avoid them (in some cases this may not be possible at all, if the website is to work).
> So in short, this looks like a good approach that both informs what's going on and how users can control their experience (this is the point of the directive)
>
> Cheers, Jeremy
>
> Jeremy Ottevanger
> Technical Web Manager
> Imperial War Museum
> Lambeth Road
> London SE1 6HZ
>
> -----Original Message-----
> From: Museums Computer Group [mailto:[log in to unmask]] On Behalf Of James Morley
> Sent: 14 March 2012 08:46
> To: [log in to unmask]
> Subject: Re: [MCG] Cookies legislation: what are you doing?
>
> I guess it's no surprise that someone had to resurface this discussion. Sorry!
>
> I wonder if anyone had seen an email circulating in the charity sector that mentions Cookie Control by Civic - http://www.civicuk.com/home . It's an overlay that sits in a corner of your pages with a statement and links to your policy, but once users have accepted it, it doesn't ask again (presumably by way of a cookie!). Take a look at http://beta.suffolk.gov.uk/ for a trial implementation. Whether it's through this, or using our own implementations, do people think that this is a valid approach that satisfies both the legislation, and the need to minimise any user impact? I have my own views, but I don't want to pre-empt the debate.
>
> The email also gives a link to the BBC's cookie section http://www.bbc.co.uk/privacy/bbc-cookies-policy.shtml
>
> For my part I am:
> i) mid-way through a cookie audit of our site and sub-sites, which is proving far more wide-reaching and cumbersome than I ever imagined (and I have a good imagination!)
> ii) wondering where the boundaries of our responsibilities go in terms of third-party hosted microsites for example our shop, ticket sales, online fund-raising etc. Most have our own branding and site design/navigation, and therefore any differentiation to the end user from our core site is (hopefully) transparent. And most but not all run from a sub-domain of kew.org. But to what extent might it be our legal responsibility, or the suppliers of those white-label sites?
> iii) wrestling with the issue of what defines an 'essential cookie'
> iv) discovering that even the definition of what a cookie is can be somewhat blurred (e.g. sessionids)
>
> Anyone care to chip in with some sage advice?
>
> Thanks, James
>
> ----------------------------------------------------------------------
> James Morley [log in to unmask]
> Website Manager Tel. +44 (0)20 8332 5759
> Royal Botanic Gardens, Kew www.kew.org
> -----------------------------------------------------------------------
> ________________________________________
> From: Museums Computer Group [[log in to unmask]] On Behalf Of Diana Erskine [[log in to unmask]]
> Sent: 25 January 2012 09:31
> To: [log in to unmask]
> Subject: Re: Cookies legislation: what are you doing?
>
> Hi all,
>
> I don't know if this helps....
>
> I am a Project Manager working at an agency who have actually been working with the ICO to apply their own guidance to their own website :-)
>
> Its been an interesting project and with full analytics in place there have been some very interesting findings - the drop out of people on the homepage was higher than anticipated. As such we are currently working on some solutions which alert people 'nicely' to the use of cookies.
>
> We're actually doing a lunchtime seminar with the ICO speaking and with our findings and recommendations on the 24th February in Manchester. If anyone is interested email me on [log in to unmask] and I'll get you a place :-)
>
> Kindest regards,
>
> Diana
>
> -----Original Message-----
> From: Museums Computer Group [mailto:[log in to unmask]] On Behalf Of Matthew Cock
> Sent: Wednesday, January 25, 2012 8:52 AM
> To: [log in to unmask]
> Subject: Re: Cookies legislation: what are you doing?
>
> Thanks John. Precisely.And I assume that you are waiting until May 25 until you decide exactly what Tate's appetite for risk is?
>
> Matthew
>
>
>
> Head of Web | Department of Learning and Audiences | The British Museum | www.britishmuseum.org
> Sent from Blackberry: 07971433841
>
>
> ----- Original Message -----
> From: Museums Computer Group<[log in to unmask]>
> To: [log in to unmask]<[log in to unmask]>
> Sent: Tue Jan 24 20:25:48 2012
> Subject: Re: Cookies legislation: what are you doing?
>
> Hello
>
> It's really about individual organisation's appetite for risk. The latest guidance from the ICO (pdf at http://bit.ly/sMSUvk ) specifically covers analytics cookies in the very last section. See below with my emphasis using *'s.
>
> John
>
> We only use analytical cookies - if nobody consents that will seriously restrict the amount of information we can get to improve and develop our website
>
> The Regulations do not distinguish between cookies used for analytical activities and those used for other purposes. We do not consider analytical cookies fall within the 'strictly necessary' exception criteria. This means *in theory* websites need to tell people about analytical cookies and gain their consent.
>
> *In practice* we would expect you to provide clear information to users about analytical cookies and take what steps you can to seek their agreement. This is likely to involve making the argument to show users why these cookies are useful. Although the Information Commissioner cannot *completely* exclude the possibility of formal action in any area, it is *highly unlikely* that priority for any formal action would be given to focusing on uses of cookies where there is a low level of intrusiveness and risk of harm to individuals. *Provided clear information* is given about their activities we are *highly unlikely* to prioritise first party cookies used only for analytical purposes in any consideration of regulatory action.
>
> ****************************************************************
> website: http://museumscomputergroup.org.uk/
> Twitter: http://www.twitter.com/ukmcg
> Facebook: http://www.facebook.com/museumscomputergroup
> [un]subscribe: http://museumscomputergroup.org.uk/email-list/
> ****************************************************************
>
> Grayson Perry: The Tomb of the Unknown Craftsman
> Until 19 February 2012
>
> Book tickets
> www.britishmuseum.org
>
> Become a member
> www.britishmuseum.org/membership
>
> Connect with the British Museum online
> www.facebook.com/britishmuseum
> www.twitter.com/britishmuseum
> www.youtube.com/britishmuseum
>
>
> ****************************************************************
> website: http://museumscomputergroup.org.uk/
> Twitter: http://www.twitter.com/ukmcg
> Facebook: http://www.facebook.com/museumscomputergroup
> [un]subscribe: http://museumscomputergroup.org.uk/email-list/
> ****************************************************************
>
> The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you are not the intended recipient please notify us by telephone immediately on 020 7173 2800 or return it to us via email. Please then delete it from your system.
>
> Company Registration No. 3280127 (England& Wales). Registered Office address: 65-66 Frith Street, London, W1D 3JR
>
> ****************************************************************
> website: http://museumscomputergroup.org.uk/
> Twitter: http://www.twitter.com/ukmcg
> Facebook: http://www.facebook.com/museumscomputergroup
> [un]subscribe: http://museumscomputergroup.org.uk/email-list/
> ****************************************************************
> ****************************************************************
> website: http://museumscomputergroup.org.uk/
> Twitter: http://www.twitter.com/ukmcg
> Facebook: http://www.facebook.com/museumscomputergroup
> [un]subscribe: http://museumscomputergroup.org.uk/email-list/
> ****************************************************************
>
> This message has been scanned by the IWM Webroot Service.
>
> This email and any attachments are confidential. It may contain privileged information and is intended for the named recipient(s) only. It must not be distributed without consent. If you are not one of the named recipients, please notify the sender and do not disclose or retain this email or any part of it.
> Unless expressly stated otherwise, opinions in this email are those of the individual sender and not those of the Imperial War Museum.
> This email has been scanned by the Webroot security service. We believe but do not warrant that this email and any attachments are virus free: you must therefore take full responsibility for virus checking.
> ****************************************************************
> website: http://museumscomputergroup.org.uk/
> Twitter: http://www.twitter.com/ukmcg
> Facebook: http://www.facebook.com/museumscomputergroup
> [un]subscribe: http://museumscomputergroup.org.uk/email-list/
> ****************************************************************
>
--
Kate Byrne
School of Informatics, University of Edinburgh
http://homepages.inf.ed.ac.uk/kbyrne3/
The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
****************************************************************
website: http://museumscomputergroup.org.uk/
Twitter: http://www.twitter.com/ukmcg
Facebook: http://www.facebook.com/museumscomputergroup
[un]subscribe: http://museumscomputergroup.org.uk/email-list/
****************************************************************
|