Means.Us.Com

Website DIY - tricks and solutions

A WordPress cookie notice that is only displayed to EU visitors.

Many websites will have received an email informing them of Google’s Ads policy requiring sites using Adsense to obtain cookie consent from European “End Users” (visitors) to “comply” with EU Law. i.e. add a cookie bar to your pages.

On visiting a site with an “allow cookies” notice, I don’t feel empowered just distracted. However; it is possible display cookie notices to EU visitors ONLY, sparing your non-EU visitors this annoyance (and partially functioning cookieless pages).

New GDPR: This article was originally written in 2015; the EU has now introduced stricter (GDPR) requirements (see final paragraph of this post). Dfactory has confirmed Cookie Notice will be 100% compliant with GDPR by the deadline of 25 May 18.


Make your WordPress Site display a Cookie Law bar only to visitors located in the EU

If you are using a caching plugin read this first

1. Install the Cookie Notice and Category Country Aware WordPress (CCA) plugins.

The CCA plugin identifies your visitor’s location, and tells Cookie Notice when to display the EU Cookie Law bar. Cookie Notice displays your customized bar.

2. Configure Cookie Notice to display the bar with your choice of text and options in an appropriate style and position for your site.
Dashboard->Settings->Cookie Notice customise and save settings.

3. Set the CCA plugin to control Cookie Notice output.
Dashboard->Settings->Category Country Aware

(On first use of CCA plugin only: go to the “General” tab and check the “Intialize GeoIP” box and Save Settings. then:)

Open the “Countries” tab, scroll down, enable Cookie Notice check box and save settings. If you wish you can also edit the list of “EU country codes”.

*** Job Done***

4. A quick test to ensure its working:

Fig 1: Testing Cookie Notice Output

Just add or remove the country code for your location from the list of countries and save settings, and go to one of your posts. If the list includes your country code the bar will be displayed, otherwise it won’t. Don’t forget to change the list of counties back to its original setting.





Other “EU” functionality provided by the CCA plugin (advanced users)

The CCA plugin also provides 2 short codes that can be used in posts and shortcode enabled widgets:

[cca_is_EU]text/Javascript/other shortcodes for visitors from EU[/cca_is_EU]
[cca_not_EU]some text/JS/other shortcodes included if non-EU visitor[/cca_not_EU]

You are [cca_not_EU]NOT [/cca_not_EU]from the EU.
Live example: You are NOT from the EU.

EU visitor detection function for use in your own PHP code (or by other plugins):

    cca_is_EU() returns TRUE if visitor is from the EU; or false otherwise.

N.B. Your list of “EU” countries (see image above) is used to determine whether or not the visitor is “from the EU”.
To enable shortcodes in CCA widgets you will need to add the CCA extension.


If you are using a caching plugin

Using caching plugins other than Comet Cache and WP Super Cache?
Then you shouldn’t use this solution. Caching plugins do not usually work with server geo-location; they take a “snapshot” (cache) of a page when it is first visited and all subsequent visitors see the same snapshot. If the first visitor was from Germany then the snapshot will include the cookie bar and your visitor from US will be served this snapshot and also see the cookie bar.

Using Comet Cache or WP Super Cache:
If you are using Comet Cache you can install and configure this Country Caching extension to make caching country (and EU) aware. Likewise; for WP Super Cache you can install this WPSC extension.


More about the CCA plugin

I’m the author. Most of the sidebar content on this page is provided by CCA widgets, what is displayed depends upon the category of the page and where you are from (if you view my posts on Chinese Phablets you will see different sidebar content).
You can also have responsive ads within posts that only appear on small devices. and much much more. More on its capabilities in this post.


GDPR

As from 25 May 2018 compliance with new EU GDPR regulations will be required; including a requirement to obtain a positive user consent for the serving of cookies.

The CCA plugin sets Cookie Notice’s “cn_cookie_notice_output” filter to prevent display of the cookie bar and blocking of cookies. It works with the current (and previous) releases of Cookie Notice. However, it is possible that the logic used in the next (“100% GDPR compliant”) release of CN will be so radically changed that the above filter will no longer do the job. I assume that if this is the case Cookie Notice will provide other filters that can be used to do the job and the CCA plugin will be modified to use them instead.

GDPR regulations are complex and you will see conflicting interpretations on how to comply. It’s no coincidence that WordPress has just announced that plugins in its directory are now forbidden from claiming compliance with any law.

I cannot afford a lawyer and am personally working on the assumption that (for cookies) a combination of the following Cookie Notice settings will be sufficient:

  • Button text set to “allow Cookies”
  • More info link enabled with link to your GDPR compliant page about cookies.
  • Refuse button enabled with text “Deny cookies”

(Cookie Notice says it will be 100% GDPR compliant. So I assume that by 25 May 18 it will provide visitors who opted to accept cookies the option to change their mind and subsequently reject them.)

You should read more about GDPR, and make your own call on what is required. Dfactory’s Cookie Notice support forum might be able to offer advice?


12 Comments

  1. Thank-you so much for this. My blog has mostly US visitors and a minority of EU visitors. I was looking for a solution to geo-target EU visitors, so as to comply with Google’s adsense policy. Yours worked perfectly.

  2. Any caching options for W3 Total cache users? I love how simple this work around is. Loathe that the 99% of my users in the US would have to see a stupid cookies pop-up that doesn’t even apply to them.

    • AW
      AW

      April 6, 2018 at 9:30 am

      Sorry, only WPSC and Comet Cache. If you are lucky with PHP 7 you may find your site is fat enough without caching. PHP 7 vastly speeds up the building of pages and, for many, makes caching no longer necessary. On my uncached WP sites page speed times reduced by 30 to 50% .

      Totally agree with you. Both as a surfer and site admin I find the EU law a pain – and things are just about to get worse! Sites will have to comply with new GDPR regs as from May 2018. Cookie Notice (even blocking cookies by default) will not be enough (by itself) positive consent for data storage e.g. email addresses on comments; and right to request info on what info is held are also part of GDPR.

    • I wholeheartedly second Leah’s suggestion and request for the additional development of caching options to support W3 Total Cache.

    • AW
      AW

      May 18, 2018 at 12:15 pm

      WPSC and Comet Cache both provide interfaces for other plugins to use AND “clear” (or at least understandable) documentation on creating the interface. I’ve not found similar for W3TC. It also takes many (unpaid) man hours to develop and test these caching extensions; so even if W3TC provided what was needed I couldn’t produce an extension plugin for W3TC any time soon. Now my sites run on PHP 7 I don’t use any caching plugin except to test updates to WPSC or Comet country caching extensions.

  3. Thankyou: your plugin (combined with Cookie Notice) is perfect for websites like mine that only have a few European visitors but need a cookie banner to comply with the GDPR. Its great to be able to show the cookie banner only to those people who legally HAVE to see it (rather than inflict it on everybody!).

  4. Where can I get help with this solution (i.e. someone to add a banner or help me block EU citizens) for a static WP site? I don’t use GA or know anything about the cookies that might be at play in the background, or more than the most generic things about the front end of WP. I will gladly remove my form and social media buttons. The site is literally just for storing content that I point people to directly, so it only just now struck me that GDPR might relate to me.

    • Sounds like you won’t need a banner then (if you replace your contact form with an ’email me!’ link and remove social media sharing buttons). Just add a cookie and privacy statement stating that your website only uses functional cookies and that you don’t collect any data. But remember to add that any personal data that a visitor sends you via email may be used to … (send them a reply / add to your CRM / whatever you do with the data). You can download those kind of generic statements from various places online, for free.

  5. Can CCA be easily adapted for use with other cookie consent plugins?
    In particular, Ginger already has the new GDPR requirements built in with blocking available for common 3rd party cookies.

    • AW
      AW

      May 16, 2018 at 8:46 am

      CCA can work with any GDPR Cookie plugin that has a hook to bypass consent banner and cookie blocking (for the current visitor). CCA contains the code for Cookie Notice’s hook. For other GDPR plugins you’d have to create a custom filter in functions.php (or your site’s own functions plugin) e.g.

      add_filter( 'the_GDPR_filter_name', 'only_for_EU', 99);
      function only_for_EU( $unfilteredGDPRpluginValue ) {
        if ( cca_is_EU() ) return $unfilteredGDPRpluginValue;
        return 'value that ensures cookies allowed and no banner for consent';
      }

      But I don’t know which plugins other than Cookie Notice provide such a hook.

      You could ask Ginger either to provide a hook; or (better, no need for code by you) Ginger to use the CCA function mentioned in the article. It would require them to add a couple of lines of code.

      if ( function_exists('cca_is_EU') && ! cca_is_EU() ):
        // if CCA plugin is running and visitor not from EU
        // Ginger does nothing
      else:
        // Ginger's code for Cookie consent/allow/block
      endif;

      Not tested, but I assume it will work. Get them to let me know if they do this and I’ll modify the article to highlight it being “built in” to Ginger.

  6. The updated continent / country codes for GDPR would actually be:
    EU,AT,BE,BG,HR,CY,CZ,DK,EE,FI,FR,DE,GR,HU,IS,IE,IT,LV,LI,LT,LU,MT,NL,NO,PL,PT,RO,SK,SI,ES,SE,GB

    This feedback is based on page 15 of “The GDPR: new opportunities, new obligations — What every business needs to know about the EU’s General Data Protection Regulation” resource PDF provided by the European Commission (https://ec.europa.eu/commission/sites/beta-political/files/data-protection-factsheet-sme-obligations_en.pdf), which states:

    “The GDPR applies to the European Economic Area (EEA), which includes all EU countries plus Iceland, Liechtenstein and Norway.”

    Hope this helps! 🙂

    • AW
      AW

      May 18, 2018 at 12:23 pm

      Thanks April. Yes GDPR is also applicable to 3 EEA countries not in EU. I am intending to include these in the default “EU list” when I next update CCA plugin. In the meantime users can manually add “,IS,LI,NO” to the list via CCA’s settings.

Leave a Reply

Your comment will appear after its approved; usually within 12 hours but can be up to a week.
Email is optional and never published. It will only be used to contact you if clarification of your comment is needed.

Copyright © 2018  Means.Us.Com
This site recommends and is hosted by: Kualo Web Hosting.    
Theme: hemingway
 

Blog home  |  ↑ Top of Page ↑