Privacy Options change request for 4.6.4 based on EuGH judhement from 1.10.2019

Hi everyone,

i have to say a big thank you for update 4.6.3 – as it really is a good approach towards the right direction in terms of privacy and GDPR. Lately a judgement by the EuGH (1.10.2019) made the interpretable parts of the GDPR way more clear. Your german teammates may check out this link where everything is summarized pretty understandable.

https://datenschutz-generator.de/eugh-cookie-einwilligung-banner-detailinformationen-pflicht/

I am data protection responsible in our company and i digged into that topic in deeply. Here are some suggestions.

Things to consider for the next update:

1. Accept all / Accept group
It’s still not clear if “Accept all” is a way to go or not. Whats assumed by the lawyers according to the above judgement is that accepting groups of cookies (as long as you can still address them individually) is a way to go. So think of the situation:
You have three custom cookies set, you assign them to a group “Marketing”, you have a shortcode e.g. [aviaPrivacyAcceptGroup name=”marketing”] where the user can accept these 3 with a single click. Additionally the user also can opt in/out of single ones (already given – which is great).

2. Essential cookies
Same as above but allow to add cookies to a predefined group “essential website cookies”. As currently discussed by the lawyers it looks like essential cookies may not need to be accepted individually. Your solution to be able to opt in/out of them is still good. But still there’s no catalog on what is essential or what isn’t. E.g. a shopping cart cookie would be essential for a shop. So being able to add a custom cookie to the “essential website cookies” group would be great in terms of usability and current interpretation of the law.

3. Deny all cookies (except essential ones)
You have a deny all function. Deny all except essential ones would complete it according to the judgement.

4. Markup bug found
There seems to be a bug with the avia-privacy-reload-tooltip-link link (a tag). Check the closing tags, its not closing properly (you see a “<” outputted on the frontend)
Checkout /wp-content/themes/enfold/includes/helper-privacy.php line 1507 -> if you remove the class it works cause of the embedded quotation marks. Embedd it differently or e.g. use custom tag

5. No-Click and No-Scroll
The Modal cannot be closed currently – which is a good idea. But it doesnt work 100% You still can scroll down and click outside to close it. Either implement a No-Scroll or adjust the layer used to catch the clicks.

6. Script deregister
Developers only. This would make a big impact but be a great addon (and i don’t know any other one having this feature). Often cookies are set by third party or plugins. Unfortunately some of them are set on different domains so cross browser security won’t let us access them.
Luckily most of them are set by Javacripts within these plugins that are loaded with wp_register_script. Would it be possible to deregister custom javascripts (if selectors are known) if a specific cookie isnt set? This would make your solution way more complete (even if i understand that third party scripts are none of your business – technically spoken).

If theres anything unclear, just let me know.
You may answer in german too.

Regards tbc

• This topic was modified 5 years, 1 month ago by tbc.