I think we got a problem in the EU, they change the law many times and it is not good for all of us. It is a pain right now!
Soon there will be the new e-Privacy and it will not be allowed to place any cookies at all.
Means, a cookie can be used, only if the client has agreed in advanced, that he wish this cookie. So for Cloudflare it will not be allowed to place this cookie automatically as it has been done all the time.
Since we will not be able to disable the cfduid cookie, we will not be able to use the service.
From CF website: The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis.
We understand in German, that it will be no longer allowed to track and to identify individual clients without they agreed. It will not be allowed to set such of cookie BEFORE the visitor has alowed this.
This refers to network clients, not individuals. Again, it purely is a technical cookie.
If you are unsure I’d suggest you seek out legal advice, but I am pretty confident you should be on the safe side. Generally speaking Cloudflare is GDPR compliant
For the GDPR yes, but as soon the new e-Privacy law will come out, I’m sure there will be a lot of problems to deliver this service to the EU. However, thank you for your time. Maybe CF should think about a solution for the future…
I would argue this amendment makes it even more clear that the cookie in question does not require explicit consent, but again in case of doubt you should go for legal advice to be on the safe side.
