Page 1 of 1

New EU rules and guidelines for websites and -shops in 2018

Posted: Sat Dec 02, 2017 1:07 pm
by Dutch Mountain
WORK TO DO ! On websites and webshops.

As of May 25 – 2018, all entrepreneurs, including freelancers and sole traders, have to comply with the new European rules on privacy through online media and data files.

The privacy on the Internet in all its forms is regulated through the EU-Privacy Directive, while the General Data Protection Regulation ( GDPR ) applies to the way data files are used and managed.

Full details in the last blog on my site ( News / blog page )
READ IT !
FIX IT !
BE PREPARED !
The fines on violation will be huge..........


RE: New EU rules and guidelines for websites and -shops in 2018

Posted: Sun Dec 03, 2017 2:07 am
by A440
Wow, this is news!. . . If you use cookies then it should be possible for the visitor to turn them off, after which he or she can still visit the website or webshop or use the app. Again, the exception for functional cookies applies. For websites and web shops this has to be done via a new and simple function in the browsers, which must be added by the browser developers. But if you use apps, you’ll have to adjust this yourself.

RE: New EU rules and guidelines for websites and -shops in 2018

Posted: Sun Dec 03, 2017 8:33 am
by Dutch Mountain

Wow, this is news!

Yeah, you're right. Work to do.
I've already implemented it on my 4 websites.
Better fixed, than wait until the last moment ( with the risk of forgetting it ).

RE: New EU rules and guidelines for websites and -shops in 2018

Posted: Sun Dec 03, 2017 9:43 am
by Myxt
Does your website use cookies – and every webshop does that – then you are obliged to report it. This is NOT applicable for the so-called functional cookies that are necessary for the website or webshop to properly function. The cookies required for the general visit statistics are also excluded.

Without considerably honing this edge, I foresee clever tricksters making it into a 4-lane highway:
"Oh, yes! We totally need those cookies (that store all possible identifying data) to adjust the layout of our gotcha page."

RE: New EU rules and guidelines for websites and -shops in 2018

Posted: Mon Dec 04, 2017 7:02 pm
by Dutch Mountain

Without considerably honing this edge, I foresee clever tricksters making it into a 4-lane highway:
"Oh, yes! We totally need those cookies (that store all possible identifying data) to adjust the layout of our gotcha page."

In a later comment I've read that the national authorities have the obligation to control that.
If this is going to happen properly in all EU countries is something we can only hope.
Unfortunately some countries have a bad reputation in matters like this.
But when you're a "big player" and the EU itself puts you under a magnifying glass............


RE: New EU rules and guidelines for websites and -shops in 2018

Posted: Wed Dec 06, 2017 8:13 am
by Myxt
The focus on cookies always seems excessive; they are static storage, not executable, and modern browsers readily offer to block or delete them per session. Of course cookies can store PII, but that can be directly transmitted anywhere without cookies. By contrast I've never seen this much emphasis upon methods such as, "You must inform visitors that you transmit their PII encoded in URL parameters", but it's one of the most common methods.

Example base64 chunks:
_http://pii.vacuum.con/?em=eW91ci5uYW1lQGhvdG1haWwuY29t&ph=KDEyMyktNDU2LTc4OTA&bd=MTk3Ny8wNC8wMQ
decode to:
_http://pii.vacuum.con/?em=your.name(at)hotmail.com&ph=(123)-456-7890&bd=1977/04/01

Sometimes they don't even bother to encode it:
_https://arstechnica.com/information-technology/2013/10/healthcare-gov-deferred-final-security-check-could-leak-personal-data/

Then there are the interstitial tracking sites that get pinged between what appear to be safe pages.

The best use of cookies is functional: to inform an app or page of how it should continue between sessions. If you want to steal data, there is no need to leave the evidence in plain sight in the victim's machine.

RE: New EU rules and guidelines for websites and -shops in 2018

Posted: Sat Dec 09, 2017 5:56 am
by Site-rater
It should be worth mentioning that when cookies are used on a non-HTTPS site their contents can be skimmed by anyone monitoring the connection. This is because cookies are transmitted with every HTTP request for the domain they are valid on.
By setting the "secure" flag it can hint to the web browser that it be sent only via HTTPS.

RE: New EU rules and guidelines for websites and -shops in 2018

Posted: Mon Dec 11, 2017 6:44 am
by Dutch Mountain

It should be worth mentioning that when cookies are used on a non-HTTPS site their contents can be skimmed by anyone monitoring the connection. This is because cookies are transmitted with every HTTP request for the domain they are valid on.
By setting the "secure" flag it can hint to the web browser that it be sent only via HTTPS.


One of the reasons to change to HTTPS in stead of HTTP.
Note : Another one is that Google and other search engines prefer HTTPS websites and rank them higher.
And that trend is a good contribution to internet safety. Just a thought........

Re: New EU rules and guidelines for websites and -shops in 2018

Posted: Sun Feb 04, 2018 8:37 pm
by Dutch Mountain
Last news :
1 - These EU rules are a follow up of domestic French and German rules on privacy, which are already strict.
The EU now wants to create a European standard, applicable in all nations.
That has advantages in Easten and Southern Europe where nowadays rules aren't available or hardly controlled.

2 - The fines will be adjusted to the size of a company.
Data collectors like Facebook, Google, Microsoft and such can expect huge fines when breaking the rules.
The local soccer or whiskey tasting club may only be warned or receive a small punishment.

But one thing is sure..... from big to small, everyone is involved in a way and has to commit to the new rules.
And btw not only on the www, but e.g. a sportsclub has to destroy data of a member when that one ends his/her membership.
For webshops this means a big change and an awful lot of work.

Re: New EU rules and guidelines for websites and -shops in 2018

Posted: Mon Jul 23, 2018 7:26 pm
by Dutch Mountain
1 : Like Site rater said : Setting the secure flag with using https is important now. Since July 01 ( almighty ) search engine no. 1 Google presents a notification when a site isn't secured with https.

2 : I've heard around me that still a lot of sites don't fullfill to the new EU rules and the demands for secured versions by search engines. Those non secured sites are now down ranked.
Even a lot of webshops aren't updated on both issues.
Webdesigeners, site owners ...... some are too lazy while others either want to reduce expenses or don't know how to fix it.
Whatever, who does it and how you do it but ...... FIX IT !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

~sigh~All my sites are https now since the end of June. Still busy adjusting my settings, tags, cat's and more for optimal SEO and good content.
Hell of a job, but it's either this or getting out of sight in search engines.