PHPSESSID Cookie

I would be very surprised if this cookie is anything but beneficial. However, the European Union Cookies Law makes it a legal obligation for websites in the EU to document the use and purpose of the cookies they use.

It would be very helpful if you could describe the purpose of this cookie in your plugin.

Having studied the matter in a bit more depth the EU directive is stricter than I previously thought. Website visitors need to give prior consent to the addition of any cookies, other than essential ones. It’s arguable, but it seems likely, given a strict interpretation of the law (I’m have no legal expertise), that the PHPSESSID cookie set by this plugin contravenes the law.

Would it be possible to have an option in the settings section preventing cookies being set? Or is it essential with all possible usages of the plugin?

Hi,

Let me explain it please correct me if I am wrong, this plugin use the server side session to save the css to create the dynamic css based on the shortcodes used. So when we save it in session then PHP by default on cookie to save the session id. Thats why this cookie is created, and it is not harmful.

Thanks

Thanks for the reply. Not having a deep technical understanding of these issues I’m not sure I fully understand your explanation of the cookies purpose. Could you provide an explanation that an ordinary member of the public would understand – which I could then include in the Privacy Policy page explanation of the function of the cookies used by a website?

I’m sure the cookie isn’t harmful – but because is gets set when a website using the EBS plugin is first accessed, it would appear to contravene EU legislation on cookies. In the UK the Information Commissioner’s Office gives this guidance The observations on page 5 (“Prior Consent”) are particularly relevant. Page 12 provides guidance on exceptions to the need for prior consent. I’m no lawyer, but it may be hard to argue that the cookies provided by the EBS plugin could be deemed essential.

Is the use of cookies essential to all uses of the EBS plugin? Would it be possible to disable the setting of cookies by the administrator, or better still to link the use of the cookie to user acceptance of cookies, as with the EU Cookie Law (or other cookie) plugin?

This is a great plugin – and one I would like to continue to use. But it would be great to be able to use it without the legal uncertainty around its usage.

This plugin isn’t setting the cookie, your PHP installation is. This plugin adds data to PHP’s session and in order for PHP to know who you are from page load to page load, PHP adds a cookie so it can pull back up the information that was saved in the session on the previous load. If you don’t want to use PHP session cookies, you’d need to talk to your host about how you’d disable them in favor of using PHPSESSID in the URL instead, which would accomplish the same task, albeit uglier. It could probably be successfully argued that session cookies that contain zero user identifiable data are essential to a website’s operation. Any website that you log into uses session cookies to remember who you are as you navigate around the site.

In fact, this URL (https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/) seems to indicate that session cookies probably do not need to be declared.

Hi everybody, thanks for the answers, I checked my site and the cookies is not there any more.
Thanks, Gabi