Manuel Schneider wrote:
The issue at hand is: EU privacy policy 95/46/EG[1] allows usage of cookies only if
- the user has been informed beforehand in detail
- the user has accepted the cookie
- this acceptance was given freely, without doubt and through by action
(This is the summary by the Article 29 Working Party issued in a Working Document 02/2013[2] on October 2nd, 2013.)
[...]
I checked MediaWiki:
- anonymous users don't get a cookie, unless the site owner added
something (eg. Google Analytics, Piwik or content served by another site using cookies) -> this is fine
- as soon as I click the "Login" button on the wiki, a cookie is being set
-> here we need to work, we need to ask first
So I see two possibilities:
[...]
Any thoughts about this?
In my opinion, you should e-mail legal@wikimedia.org if you're concerned about this issue. If the Wikimedia Foundation legal team feels that MediaWiki or Wikimedia wikis are inappropriately out of compliance with the EU privacy policy, they can say so explicitly and we can then discuss possible solutions.
As it is, I personally don't think there's an actionable issue here and I think we shouldn't change MediaWiki or Wikimedia behavior until there is.
MZMcBride