Cookie directive management

Created by: Lester Caine, Last modification: 06 Jun 2012 (12:04 BST)

European cookie's directive

While initially I was rather ambivalent about the 'cookies directive' and though that I did not even need to worry about it, deeper investigation has highlighted that understanding what we as developers are using under the hood IS important. While some cookies are in essence essential to make a site work well, others are not so important, and other methods of working may actually be easier. Until such time as IPV6 is being used properly, so any visitor can be identified by their IP address, then adding a session cookie is the only reliable way of identifying visitors who may well currently be using the same IP address on our side of their mobile network. So I view a session cookie as something that does not need permission to use, but have now moved forward to add a permission pop-up anyway, since other sites add social media buttons and the like, which create their own demands which we as developers need to understand since we are feeding those sites. Google Analytics is  another grey area so personally I prefer to use our own piwik installation to track site activity, so we know exactly what is being gathered from our visitors.

Permission pop-ups

There are a growing number of paid for services giving audits of your sites and managing access for you, but this seems to be just another 'tracking' intervention that should not be allowed. There are several options that can be locally managed and added easily to existing sites. The main problem is keeping them in keeping with the site style, but that is just a matter of sorting the ".css" file for the add-on.

cookieconsent

This is the one I have ended up using although it has been hosted locally and modified to provide a few local additions. Still need to add a few more options and get the generic site option working to the piwik server for Rainbow Digital Media, so that all RDM hosted sites are managed in the same way. This allows us to disable social media facilities if a visitor opts out from that service.

cookiecutter

Simple pop-up without any on-going selection to change selections. Also available as a wordpress plugin. May be useful for sites that do not have extra cookie load.

cookiesdirective

Another simple pop-up which disappears before having read the content. Google Analytics is bundled with it so it's not an option for us. Also have to use the browser cookie manager to change things.

cPrompt

Has a nice flag to indicate acceptance or rejection, but still linked to Google Analytics.

Cookie Control

This has a nice feel to it, but is only available as plug-ins for wordpress, drupal and magneto. That said, I may well borrow some of the features such as the access icon which remains on the corner of the browser. Modifying cookieconsent's flag should not be difficult. Just spotted that this does not have a 'decline' option at all ...

Todo list for cookieconsent port

None of the options provided an ideal off the shelf solution to the problem, but cookieconsent gives most of the facilities that I was looking for. Since this is intended to go with our hosted sites as well, we needed to tailor the plug-in to working on a number of different style of legacy sites. Since we have added social media and/or piwik to sites, linking in the additional facilities should be easy now.

The obvious problem of having to set cookies to flag that cookies should not ignored, but accessing these cookies to control the piwik script and the social media options still needs to be added.