Transcripción
Extracto de la transcripción automática del vídeo realizada por YouTube.
all right it's a I think about time to start so I hereby welcome you to my session lost dem laws and statistics a tale of cookies so more people are coming in everybody is more than welcome I hope everybody is having a nice conference I know I am so hope
that's a positive thing helped a lot of interesting sessions you have witnessed and I hope to provide one to cookie story Who am I I'm not going to bore you too long with that but I think there should always be a classical car in any presentation especially
my car so I have my own Rupa job I run project management I do event management I do basically everything I can find a client crazy enough to pay me for I've been doing drupal sins about 4.3 4.4 ish and after Drupal 7 released I decided simply to drop
basically all other CMS source EMFs I was working with which were at the time mainly joomla wordpress hippo and drupal and focus on drupal entirely actually the biggest thing for me drupal consists of is not only code it's the community it's the fact
that here and in other events in the netherlands some of which i helped organize where hundreds of enthusiasts all sharing knowledge not in a competitive sense of business way but in an absolute competitive sense of intelligence and code quality and feature
wise and that's what's Drupal for me it's a fantastic ecosystem so that's why I decided to spend my time on that and then something happened we had a cookie issue or better we had a telecommunications law issue this presentation mainly consists
of two parts I'm going to go into a bit of the legislation or side of telecommunication law which is privacy related and then I'm going to do the demo and that is absolutely on purpose keep the best for that so people don't run away I hope but
telecommunication law is a European issue privacy related legislation is European issue which got translated into dutch legislation and this presentation is based on the dutch implementation of it that's not only because i'm dutch but i also think
that the dutch implementation is a remarkable achievement in stupidity actually because it completely focused on the wrong issue as far as I'm concerned in the Dutch law and also a new European law distinction of information is made which boils down to
a distinction of two types of cookies it's functionally necessary cookies like session cookies shopping carts things you actually need to make your site work and analytics cookies those are in the view of the ball maker optional and our privacy invasive
by nature the assumption is that analytics cookies they contain identifiable information or at least some means of identifying a profile which could be constructed to resemble a certain individual and why is that profile interesting well everybody knows in
e-commerce the best thing to know is simply who is your customer what has he bought in the past and therefore we can offer it more the assumption which is made under Dutch law is that analytics cookies always contain personally identifiable information until
the webmaster or the owner can prove otherwise well which of course nobody's going to do so that's what I met with pretty much brain that implementation then we have functional cookies and their legal as long as the user is informed about them so cooking
control something like that any cookie resembling personal information even if its analytics or functional should be explicitly accepted by users and this is something very hard wired in the Dutch legislation on this issue now this is of course very interesting
because most systems utilize only one cookie to offer a lot of functionality actually it's pretty bad practice to like force a lot of cookies on users so this ends up an interesting mess so it's it's it's a nuisance it became pretty difficult
to separate dysfunctionality because in an e-commerce site you also do analytics of your client behavior in a normal web site you also build up profiles of interesting users like targeted groups and stuff how does that relate to personally identifiable information
and is that always a problem is or is it only a problem if a commercial interest is actually there in the privacy information a lot of sites actually offer content to forum profiles of the users physics and the content and which their business model is based
on the fact that they can then sell the profiles so is ecommerce always a direct thing or not well Dutch public television which is one of those content providers who provides mainly knowledge has no commercial interest or whatsoever it's a public broadcasting
service they decided what we're going to play it safe we're gonna play put a cookie wall in front of our website but that's a problem because Dutch public broadcasting like the BBC or any other ard yours at the eff something like that they have
a public service to offer to have to provide public information without any constraints but now there was also legislation that demanded of them to provide information about the audience they were reaching with their communication because that actually gave
them a reason of existence they had to measure that audience okay dare you use cookies one side all right that became a total mess they put down a cookie ball and visits up outside they dumped they everybody simply went to the commercial sites which simply
ignored the law mostly website owners in Dutch in implementation of the law until recently we're also responsible for all cookies by the side which were set by any site visit on one side anyway so they would also be responsible for data leaks in like LinkedIn
when they lose a couple of million passwords which happens every couple of months it seems facebook also gets hacked website owners themselves under that law are responsible or could be held accountable so this is really an incentive for Dutch shop owners
and website owners to start thinking about what am I actually doing through my website what is what is it I offer in third-party means for instance it's this facebook like button only some sympathetic vote or is it potentially a legal minefield so any
site owner has to pay privacy or cookie statement stating what they do with their information so that's annoying and then can the penalties of course because you cannot have legislation without any kind of enforcement at first enforcement was zilch naming
shaming something like that but actually data loss under European law is pretty much being demanded that these incidents are being made public but for the Dutch implementation this would also mean that if you would have a LinkedIn button on your website or
[ ... ]
Nota: se han omitido las otras 3.291 palabras de la transcripción completa para cumplir con las normas de «uso razonable» de YouTube.