
  1. User picture
    • Dutch Mountain on Sat 02 Dec 2017
    • 01:07:20 PM UTC

    New EU rules and guidelines for websites and -shops in 2018

    WORK TO DO ! On websites and webshops.

    As of May 25, 2018, all entrepreneurs, including freelancers and sole traders, have to comply with the new European rules on privacy through online media and data files.

    The privacy on the Internet in all its forms is regulated through the EU-Privacy Directive, while the General Data Protection Regulation ( GDPR ) applies to the way data files are used and managed.

    Full details in the last blog on my site ( News / blog page )
    READ IT !
    FIX IT !
    BE PREPARED !
    The fines on violation will be huge..........

    peterswebsafety.com ( link on my profile page ).

Comments:

  1. User picture
    • A440 on Sun 03 Dec 2017
    • 02:07:42 AM UTC

    RE: New EU rules and guidelines for websites and -shops in 2018

    Wow, this is news!

    . . . If you use cookies then it should be possible for the visitor to turn them off, after which he or she can still visit the website or webshop or use the app. Again, the exception for functional cookies applies. For websites and web shops this has to be done via a new and simple function in the browsers, which must be added by the browser developers. But if you use apps, you’ll have to adjust this yourself.
  2. User picture
    • Dutch Mountain on Sun 03 Dec 2017
    • 08:33:54 AM UTC

    RE: New EU rules and guidelines for websites and -shops in 2018

    Originally posted by: A440
    Wow, this is news!

    Yeah, you're right. Work to do.
    I've already implemented it on my 4 websites.
    Better fixed, than wait until the last moment ( with the risk of forgetting it ).

    peterswebsafety.com ( link on my profile page ).

  3. User picture
    • Myxt on Sun 03 Dec 2017
    • 09:43:22 AM UTC

    RE: New EU rules and guidelines for websites and -shops in 2018

    If your website uses cookies – and every webshop does that – then you are obliged to report it. This is NOT applicable for the so-called functional cookies that are necessary for the website or webshop to properly function. The cookies required for the general visit statistics are also excluded.

    Without considerably honing this edge, I foresee clever tricksters making it into a 4-lane highway:
    "Oh, yes! We totally need those cookies (that store all possible identifying data) to adjust the layout of our gotcha page."

  4. User picture
    • Dutch Mountain on Mon 04 Dec 2017
    • 07:02:29 PM UTC

    RE: New EU rules and guidelines for websites and -shops in 2018

    Originally posted by: Myxt
    Without considerably honing this edge, I foresee clever tricksters making it into a 4-lane highway:
    "Oh, yes! We totally need those cookies (that store all possible identifying data) to adjust the layout of our gotcha page."

    In a later comment I've read that the national authorities have the obligation to control that.
    If this is going to happen properly in all EU countries is something we can only hope.
    Unfortunately some countries have a bad reputation in matters like this.
    But when you're a "big player" and the EU itself puts you under a magnifying glass............

    peterswebsafety.com ( link on my profile page ).

  5. User picture
    • Myxt on Wed 06 Dec 2017
    • 08:13:24 AM UTC

    RE: New EU rules and guidelines for websites and -shops in 2018

    The focus on cookies always seems excessive; they are static storage, not executable, and modern browsers readily offer to block or delete them per session. Of course cookies can store PII, but that can be directly transmitted anywhere without cookies. By contrast I've never seen this much emphasis upon methods such as, "You must inform visitors that you transmit their PII encoded in URL parameters", but it's one of the most common methods.

    Example base64 chunks:
    _http://pii.vacuum.con/?em=eW91ci5uYW1lQGhvdG1haWwuY29t&ph=KDEyMyktNDU2LTc4OTA&bd=MTk3Ny8wNC8wMQ
    decode to:
    _http://pii.vacuum.con/?em=your.name(at)hotmail.com&ph=(123)-456-7890&bd=1977/04/01

    Sometimes they don't even bother to encode it:
    _https://arstechnica.com/information-technology/2013/10/healthcare-gov-deferred-final-security-check-could-leak-personal-data/

    Then there are the interstitial tracking sites that get pinged between what appear to be safe pages.

    The best use of cookies is functional: to inform an app or page of how it should continue between sessions. If you want to steal data, there is no need to leave the evidence in plain sight in the victim's machine.
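
To make the URL-parameter point in the post above concrete, here is an added example (not part of the original post) that a site owner or auditor could run over outbound request URLs to spot PII in query strings, whether plain or base64-encoded. The function names and the three regular expressions are illustrative assumptions; the sample URL is the one from the post with the leading underscore removed.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit, parse_qsl

# Illustrative patterns only (assumption); real PII detection needs broader rules.
PII_PATTERNS = {
    "email": re.compile(r"^[\w.+-]+@[\w-]+(\.[\w-]+)+$"),
    "phone": re.compile(r"^\(?\d{3}\)?[-. ]?\d{3}[-. ]?\d{4}$"),
    "date": re.compile(r"^\d{4}[/-]\d{2}[/-]\d{2}$"),
}

def try_base64(value):
    """Return the decoded printable text, or None if value is not plausible base64."""
    candidate = value.replace(" ", "+")  # parse_qsl turns '+' into a space
    candidate = candidate.replace("-", "+").replace("_", "/")  # URL-safe alphabet
    if len(candidate) < 8 or not re.fullmatch(r"[A-Za-z0-9+/]+=*", candidate):
        return None
    candidate = candidate.rstrip("=")
    candidate += "=" * (-len(candidate) % 4)  # restore padding stripped by the sender
    try:
        text = base64.b64decode(candidate, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    return text if text.isprintable() else None

def find_pii(url):
    """Return (parameter, encoding, kind, value) for each query value that looks like PII."""
    findings = []
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        candidates = [("plain", value)]
        decoded = try_base64(value)
        if decoded is not None:
            candidates.append(("base64", decoded))
        for encoding, text in candidates:
            for kind, pattern in PII_PATTERNS.items():
                if pattern.match(text):
                    findings.append((name, encoding, kind, text))
    return findings

# Sample URL from the post above.
SAMPLE_URL = ("http://pii.vacuum.con/?em=eW91ci5uYW1lQGhvdG1haWwuY29t"
              "&ph=KDEyMyktNDU2LTc4OTA&bd=MTk3Ny8wNC8wMQ")

if __name__ == "__main__":
    for finding in find_pii(SAMPLE_URL):
        print(finding)
```
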

  6. User picture
    • Site-rater on Sat 09 Dec 2017
    • 05:56:03 AM UTC

    RE: New EU rules and guidelines for websites and -shops in 2018

    It should be worth mentioning that when cookies are used on a non-HTTPS site their contents can be skimmed by anyone monitoring the connection. This is because cookies are transmitted with every HTTP request for the domain they are valid on.
    By setting the "secure" flag it can hint to the web browser that it be sent only via HTTPS.
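
The effect of the "secure" flag described in the post above, as an added example (not part of the original post): it models which cookies a browser attaches to an http:// versus an https:// request and lists the ones that would cross the wire in cleartext. The function names and the sample Set-Cookie values are constructed for illustration.

```python
from urllib.parse import urlsplit

def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, lowercase attribute names)."""
    first, *rest = [part.strip() for part in header_value.split(";")]
    name, _, value = first.partition("=")
    # Attribute names are case-insensitive; the cookie's own value is not an attribute.
    attrs = {part.partition("=")[0].strip().lower() for part in rest if part}
    return name.strip(), value.strip(), attrs

def cookie_header_for(url, set_cookie_values):
    """Build the Cookie header a browser would attach to a request for url.

    Only the Secure attribute is modelled; Domain, Path and expiry matching
    are left out to keep the focus on the point made in the post.
    """
    is_https = urlsplit(url).scheme.lower() == "https"
    pairs = []
    for raw in set_cookie_values:
        name, value, attrs = parse_set_cookie(raw)
        if "secure" in attrs and not is_https:
            continue  # Secure cookies are withheld from cleartext requests
        pairs.append(f"{name}={value}")
    return "; ".join(pairs)

def missing_secure(set_cookie_values):
    """Names of cookies that would travel in cleartext on an http:// request."""
    parsed = map(parse_set_cookie, set_cookie_values)
    return [name for name, _, attrs in parsed if "secure" not in attrs]

# Constructed sample headers (not taken from any real site).
SAMPLE = [
    "sessionid=abc123; Path=/; HttpOnly",   # no Secure: visible to a network observer
    "cart=42; Path=/; SECURE; HttpOnly",    # attribute matching ignores case
    "theme=secure; Path=/",                 # the value "secure" is not the flag
]

if __name__ == "__main__":
    print("http :", cookie_header_for("http://shop.example/", SAMPLE))
    print("https:", cookie_header_for("https://shop.example/", SAMPLE))
    print("lacking Secure:", missing_secure(SAMPLE))
```
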

  7. User picture
    • Dutch Mountain on Mon 11 Dec 2017
    • 06:44:38 AM UTC

    RE: New EU rules and guidelines for websites and -shops in 2018

    Originally posted by: Site-rater
    It should be worth mentioning that when cookies are used on a non-HTTPS site their contents can be skimmed by anyone monitoring the connection. This is because cookies are transmitted with every HTTP request for the domain they are valid on.
    By setting the "secure" flag it can hint to the web browser that it be sent only via HTTPS.

    One of the reasons to change to HTTPS instead of HTTP.
    Note : Another one is that Google and other search engines prefer HTTPS websites and rank them higher.
    And that trend is a good contribution to internet safety. Just a thought........

    peterswebsafety.com ( link on my profile page ).