Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#13 2018-04-08 21:03:25

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,629
GitHub

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #310778:

Well, every web server records IP address, doesn’t it?

Not strictly, no. The web servers I’ve used can all have logging disabled, or have the log format set to exclude the IP address. There are also methods to anonymise the visitors so their path can be tracked through your/the site, but there’s no identifying data in the logs.

Aside: I think GDPR is going to be a big mess for the first few years, and I suspect some crazy fines will be handed out.

Offline

#14 2018-04-08 21:07:59

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,629
GitHub

Re: Txp cookies, visitor logging, and GDPR stuff in general

philwareham wrote #310756:

I guess that checkbox could be updated to localstorage- maybe open an issue to discuss.

github.com/textpattern/textpattern/issues/1236

Offline

#15 2018-04-08 21:10:09

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,629
GitHub

Re: Txp cookies, visitor logging, and GDPR stuff in general

Bloke wrote #310763:

I’m tempted to leave it and completely overhaul the commenting system in a future Txp version by making it a module, deprecating the mess of comment tags we have now and starting again with new tags.

See github.com/textpattern/textpattern/issues/308 for some background info, starting in the heady autumn days of 2014!

Offline

#16 2018-04-08 21:20:51

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,629
GitHub

Re: Txp cookies, visitor logging, and GDPR stuff in general

gaekwad wrote #310789:

Aside: I think GDPR is going to be a big mess for the first few years, and I suspect some crazy fines will be handed out.

I’ve been using this with my clients, it’s the best explanation I’ve found to date:

blog.varonis.com/gdpr-requirements-list-in-plain-english/

Offline

#17 2018-04-09 03:48:23

michaelkpate
Moderator
From: Avon Park, FL
Registered: 2004-02-24
Posts: 1,371
Website GitHub Mastodon

Re: Txp cookies, visitor logging, and GDPR stuff in general

Here’s another one I ran across:

Centry’s GDPR Guide

Which was discussed here:

This Week in Law 418: FOMO Re EU

Offline

#18 2018-04-09 07:25:04

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 8,724
Website GitHub Twitter

Re: Txp cookies, visitor logging, and GDPR stuff in general

OK, Destry persuaded me that we have to have a warning for our cookies. I am trying to use Jukka’s code but it does not seem to be working.

You can see our usage on github

and here

<txp:output_form form="colak_cookie" />
<txp:variable name="cookie_warning_visible" value="true">
<div class="container_24" id="cookie-monster">
<div class="grid_24">
<p class="centre">By continuing to use the site, you <a href="?hide_cookie_warning=1">agree</a> to the use of cookies. You can find out more about our use of cookies by following this <a href="/about/#cookies">link</a>.</p>
</div></div>
</txp:variable>

This is the output form (which I think that it is identical to Jukka’s).

<txp:variable name="cookie_warning_visible"><txp:php>
	if (gps('hide_cookie_warning'))
	{
		setcookie('cookie_warning_hidden', 1, strtotime('+1 year'), '/');
		echo 'false';
	}

	else if (cs('cookie_warning_hidden'))
	{
		echo 'false';
	}

	else
	{
		echo 'true';
	}
</txp:php></txp:variable>

any advice would be appreciated.


Yiannis
——————————
neme.org | hblack.net | State Machines | NeMe @ github
I do my best editing after I click on the submit button.

Offline

#19 2018-04-09 07:31:23

Destry
Member
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,753
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

jakob wrote #310784:

For a personal site, it’s perhaps easier to do that.

Understatement of the year. ;)

their site has no tracking, no user registration, no payments, no affiliations, no comment system. The only pertinent aspects are some member-supplied information (provided offline and person-to-person in direct agreement), a mailchimp signup and a link to a facebook page. In the whole multi-pane generator form, there are just three boxes ticked. The result is … I kid you not … 12 A4 pages (~5000 words) worth of policy infos.

Stunning. (And fascinating.)

I have suggested my client supplies a short info as a preamble to actually inform people and the privacy policy to ward off the lawyer-sharks.

That’s a good suggestion.

It’s also a good time to be telling clients to audit their entire content assets and accounts, quitting needless third-party services (Facebook, MailChimp, etc), and cutting content ROT (redundant, outdated, trivial) like their lives depend on it.

As someone who works in the Content Strategy realm of things, I can see how the GDPR is going to create a whole new niche service in that field, contrary to what it’s been up to this point. Where content marketing thrived and dominated that field to get companies, orgs, associations, institutions, etc to spread their communication and archiving across third-party services, the exact opposite is going to be imperative now. A doubled-down emphasis on content auditing — not unlike the self-editing I’m doing to reduce my online footprint and connection with centralized services.

For SMEs (small-medium enterprises), removing non-critical connections with distributed cloud archives and centralized (and decentralized) social media could be the next internet land rush. Own Your Data! has never been more important. Big companies will have a much harder time of this, and that’s where the lawyer sharks will be swimming, where the big money is.

The repercussions of it all could literally change the web as we know it, but in a good way if entities make the effort to tighten their load and jettison the detritus content and parasite services, instead of just screaming FOUL! and hoping it will all go away. Though that could just be my hate for ad/marketing agencies and socmed talking.

I think I just outlined a new service offer for Wion Editorial. Auditing for GDPR survival. I need a internet lawyer partner. We’ll be rich! ;)

Offline

#20 2018-04-09 07:38:47

Destry
Member
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,753
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #310796:

Big companies will have a much harder time of this, and that’s where the lawyer sharks will be swimming, where the big money is.

Now that I think of it, company size may not be as big of factor as dependency on third-party services. Whether large or small, if a company relies heavily on Google services like Analytics and Drive, or Amazon, whatever. That’s going to be painful to change, if they even can and survive.

But where companies can better self-manage their assets, and eliminate needless bulk, that’s the direction to go. Lean, clean, and mean. That will help reduce legal risk.

Auditors and sys admins have a bright future. ;)

Offline

#21 2018-04-09 07:45:45

Destry
Member
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,753
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

gaekwad wrote #310792:

I’ve been using this with my clients, it’s the best explanation I’ve found to date:

blog.varonis.com/gdpr-requirements-list-in-plain-english/

That’s a very useful resource. Thanks Pete. I like how they’ve pulled out the vocabulary from that. It could be strategic to start using those terms, in fact, in the legal statements of sites. For example, I see site owners are called “Controllers” in terms of the GDPR. I’ll be looking at this closer.

Offline

#22 2018-04-09 07:59:20

Destry
Member
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,753
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

michaelkpate wrote #310794:

Here’s another one I ran across:

Centry’s GDPR Guide

That’s an interesting one too. Clearly written to scare people because they’re selling a service around it. This is potent faint remedy:

“Companies that are not compliant with the regulations by May 25th, 2018, and experience a breach of personal data, can expect to face steep fines, i.e. up to 4% of global revenue or 20 million Euro (whichever is higher)!”

And their “What does it effect?” section seem to confirm a bit what I was stabbing at about company size. It’s not the size, but the nature of the practice.

But, Michael, I don’t know if your free advertising for YouTube and Denise is warranted. ;)

Offline

#23 2018-04-09 08:30:20

Destry
Member
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,753
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

If there are any French company owners following, a question for you…

Up to this point, a small business online in France was/is governed by the Processing, Data Files and Individual Liberties Act of 6 January 1978, and its post amendments. I’m presuming the new GDPR will supercede that old law, thus all French company sites can remove those old statements and “legalize” against the GDPR regulations?

That’s the impression I’m getting from this:

What are the goals of GDPR?
… Furthermore, they will simplify the regulatory environment for international business, by unifying regulations across the EU.

Offline

#24 2018-04-09 08:40:43

Destry
Member
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,753
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

colak wrote #310795:

OK, Destry persuaded me that we have to have a warning for our cookies.

For what it’s worth. I’m not using any special code or elements to popup display my legal “compliance” notes, whatever kind. It’s all going directly into the footer of the site. In fact, that’s what the site footer of my site is for, “legal” notes. Front and center, in plain English, and on every page (one, in this case because it’s a single-page site). ;) An ID (i.e. <footer id="bam">) provides a direct link anchor if I need one from an external location (e.g. my writing site).

Offline

Board footer

Powered by FluxBB