hello, no, we have not made any changes in 6.2.0 for cookie compliance as (still) there is no clarity from the EU. At present I'm reading http://www.pcpro.co.uk/blogs/2012/04/27/the-cookie-law-clarity-at-last-but-not-from-the-ico/ (and associated documents) and plan to generate some guidance or/and code changes to meet the requirements.

---

Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US

That isn't the official guidance from the ICO though. That is an interpretation of it and whilst I wish I could just follow that it isn't essentially clear.

The ICC guide seems to make out that you only really need a functional opt-in consent when dealing with category 4 cookies. Whilst reading through the ICO guide though they seem to make out that only Category 1 (strictly necessary) cookies do not need consent whereas everything else does.

Even if the consent is to present the user with a functional acknowledgement that you have adjusted your T&Cs etc. and they need to agree/accept them.

Are there any suggestions to how this can be tackled in DNN outside of waiting for an update?

Thanks for your time.

Kind regards,

Liam

The ICC and the ICO seem to differ somewhat even though the ICO link to the ICC document.

Understand that the ICC is NOT the ICO and therefore what they declare in the guide document (linked by Cathal) isn't something you should follow to the full extent.

I have been back through the ICO guide and it seems to differ somewhat from what the ICC guide has interpreted.

From what I can gather, from the official ICO guide, is that it is only 'Category 1 - strictly necessary' cookies that do not require user consent.

Everything else requires consent. Even if you add the relevant text into your T&Cs the ICO say it is not enough. Here is the exact paragraph from the guide (page 17):

"However, it is important to note that changing the terms of use alone to include consent for cookies would not be good enough even if the user had previously consented to the overarching terms. Consent has to be specific and informed. To satisfy the rules on cookies, you have to make users aware of the changes and specifically that the changes refer to your use of cookies. You then need to gain a positive indication that users understand and agree to the changes. This is most commonly obtained by asking the user to tick a box to indicate that they consent to the new terms."

When do you think we will hear more from DNN devs in terms of what might be planned here?

Also, in the meantime, is there anything that developers can do to adjust this without really looking into modifying the core of DNN and risk it being over-written down the line in an update.

Thanks for taking time to read this.

NOTE: Sorry if this is a double post or multiple posts from me. I posted earlier but it didn't show and I wasn't sure if all posts are moderated or not as it didn't notify me in anyway hence posting again *sigh*