Privacy Policy

Privacy Policy

UPDATE 2012-05-28: I’ve turned off/deinstalled most of the cookie using plugins. I still have Google Analytics (behind a “Do you mind if I give you some cookies” jQuery), and Bad Behaviour 2 (and WordPress itself, of course) sending cookies, and I consider those to be “non-negotiable”. If you’re not happy, don’t visit my site. BTW, since I’m not a company, and I don’t use this site for commercial purposes, I don’t believe I need to give a flying f**k about PECR, but better safe than sorry; the Tory police state isn’t a long way away at this point.

The fact that I am having to write this page at all gives some indication of how far askew from “how the Internet works” the EU bigwigs have become. I personally find the PECR stupid and unworkable, but it’s UK law now so what can I do other than (a) ignore it, or (b) comply with it.

Since my site is written in WordPress, and I have a number of plugins that make use of cookies, and all of them will need to be modified to (a) ask you if you mind accepting their cookies, and (b) actually take heed of your answers, and (c) I *seriously* doubt that developers outside the EU are going to do any of this, I have decided to go some way to complying with PECR.

Anonymous users (i.e., not logged in, and that’s pretty much all of you) get a few cookies. One comes from WordPress itself (“PHPSESSID”) almost immediately and I really wish you didn’t get this one; you don’t need it and it does nothing useful in real terms. Unfortunately, the WordPress team doesn’t consider International Law to be important, and would rather take short cuts than actually not send you this one *unless* you log in (at which point, there are again other cookies they could use rather than this). If I were more PHP savvy, I’d dig about in their code and get rid, but I’m not. If you post a comment, a couple of cookies (with your real name and email address) will be sent to you so that the comment fields can be auto-populated for you. In theory, these could be held until consent is given, and/or merged into a single cookie (and I may look into doing this myself), but any change would have to be submitted to WP for inclusion, or it’d be wiped out with the next release.

The Bad Behaviour plugin sends a cookie (“bb2_screener_”) that contains a timestamp and your IP address, and it uses this cookie to monitor your behaviour. If you look like a spambot to it, it’ll prevent you spamming, otherwise it let’s you be.

The Cookie Control plugin, if you say “yes” to cookies, will send you one cookie that indicates you said yes, and then Google Analytics will send you four cookies to track your use of the site (and they claim this tracking is anonymous). These four from Google are the only “proper” tracking cookies that I will send you.

Logged in users (and there are only two of them currently, and I’m one of them), get five more cookies from my WordPress installation that let it know who you are, what your site preferences are, etc.

The table below details all cookies my WordPress could possibly send you:-

Not logged in

Name What & Why Expires
civicShowCookieIcon PECR compliance script answer cookie Thirteen weeks
__utma Four cookies from Google Analytics. The Cookie Control plugin will stop these if you don’t say “yes” to it. 2 years
__utmb See above 30 minutes
__utmc See above End of session*
__utmz See above 1 year
PHPSESSID WordPress is written in PHP, so it necessarily uses PHP session handling which needs this cookie to work. Safe to delete, even if you’re browsing the site still. End of session*
bb2_screener_ This cookie comes from the Bad Behaviour 2 plugin. Used to monitor your usage and block spamming (if that’s what you are doing). End of session*
comment_author_<id> If you post a comment, this cookie stores your real name to pre-populate the comment form field in future. 1 year
comment_author_email_<id> If you post a comment, this cookie stores your email address to pre-populate the comment form field in future. 1 year

Logged in

Name What & Why Expires
wordpress_<id> These two are path-specific. No idea what they are used for otherwise. End of session*
wordpress_<id> See above End of session*
wordpress_logged_in_<id> I’m guessing this tells WordPress that you are logged in. End of session*

* “End of session” means when you close the browser tab/entire browser. If you don’t close the tab/browser, these cookies will hang around like a bad smell at a party.

Now, if you don’t like the fact that I use cookies (as does every other website that has any sort of functionality), then learn how to use your browser’s cookie management facilities to block them. Making site software developers and site owners jump though ridiculous hoops (when the guys using cookies in a bad way won’t even bother to modify their behaviour) is utter lunacy.

Legal Statement

This website and it’s contents are copyright © 2011 Murray Crane, all rights reserved under applicable UK and EU law. All trade marks and registered trade marks are acknowledged and the property of their respective holders.

You should only have reached this content via my domain, murraycrane.org, and not any other domain name.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.