Having spent several years working on my Cookie Policy extension I believe that I have a fairly reasonable understanding of the Cookie Law not only as it relates to the UK but to other EU countries.
Unfortunately the way that this has been implemented in phpBB is, I believe, flawed.
There are three basic rules for complying with the Cookie Law
(source - ICO : https://ico.org.uk/for-organisations/gu ... hnologies/)The rules on cookies are in regulation 6. The basic rule is that you must:
- tell people the cookies are there;
- explain what the cookies are doing and why; and
- get the person’s consent to store a cookie on their device.
Whilst points 1 and 3 are being handled point 2, in my opinion, is not as all there is is a link on the acceptance banner to an remote page (http://cookies.insites.com/) which is only giving some basic information about cookies in general, not specific to any particular site. Also there is no permanent link to the "Cookie policy" once the banner has been dismissed and if the remote site is not accessible then the user will have no information at all.
Furthermore this implementation does not, as far as my understanding goes, comply with the requirements of some other EU countries.