Slashdot Mirror

← Back to Stories (view on slashdot.org)

Strong Online Privacy Bill Introduced

Posted by michael on from the baby-steps dept.

Masem writes "Senator John Edwards (NC) is introducing a strong privacy bill to Congress, as reported by CNN. While CNN's details are sketchy, the bill would require commercial web sites to ask permission from the user before a cookie can be set or personal information collected. Needless to say, this is an ideal time to snail-mail your representative or senator and ask them to vote in favor of this bill. Of interest that I cannot locate is if this allows 'grandfather' protection of existing data, or will all commercial sites have to start anew by erasing their databases and recollecting the information."

13 comments

  1. I can see a loophole that can be exploited heavily by cecil36 · · Score: 1

    Suppose a site wants to use cookies. They can get around this by having users register with the site. After filling out the forms that the site wants the user to fill out, they can put in their Terms of Service (TOS): "By agreeing to the Terms of Service, you acknowledge that (site name) can send "cookies" to your computer. If you wish not to have (site name) place cookies on your computer, then press 'Cancel'."

    This way, anyone who registers with the site will have given the site permission to set cookies, because the permission was given in registration, and there was a clause placed in the TOS.

  2. Re:Why legislate? by ishrat · · Score: 1

    Because some guys are too lazy to do their own work.

    --

    There's always sufficient, but not always at the right place nor for the right folks.

  3. Privacy,1984, and the Super Bowl by BrianRFSU · · Score: 1

    I really hope that this bill does something because after reading an article on what "Big Brother" (read:government) did at RJS in Tampa. I would be scarred that if the government wants to photograph everybody going to the superbowl in order to run background checks, where, in a rational sense, could this lead to? We as Americans have a resonable expectation of privacy whereever we go. I would be very wary in assuming that this bill will add teeth to anything given the past abuses of State and Federal Government

    --
    Brian Rubright
  4. Re:different types of cookies? by vanillicat · · Score: 1

    While this might seem commonsense to most of us, companies like Doubleclick, who have a strong incentive to track and use information like this, find it much easier to give in to pressure unless they are told not to through explicitely written laws. That's why I think measures like this are necessary; not everyone plays by the unwritten rules.

  5. That's a nice bill, but what we really need... by Rick+the+Red · · Score: 1
    are better browsers with more flexibility. Now all we can do is turn all cookies on or off (OK, you can also block so-called "3rd party" cookies while accepting all other cookies -- BFHD). Better browsers is the technological solution to this social/political/economic problem.

    For now I, like many others, simply keep cookies.txt read-only, but what I really want is the ability to save specific cookies and forget all others. And, naturally, the read-only 'trick' doesn't work with MSIE (I have to use both brands as part of my job and I've come to hate both).

    I want a browser that lets me accept the "remember my login" type of cookies and reject the "let me track which pages you've visited/ads you've seen/where you came from/where you're going" cookies (among other things -- mostly I want a browser that lets me configure everything, not just the few things they deign to let us configure).

    --
    If all this should have a reason, we would be the last to know.
    1. Re:That's a nice bill, but what we really need... by lizrd · · Score: 2
      If you want to get rid of the evil cookies in IE, just add the offending domains to the list of restricted sites. Long lists of known ad servers can be easily found on the interent. Cookie setting is disabled by default for the restriced sites list.

      If you want to be more restrictive you can disable cookies for the internet zone and add sites you want to allow to set cookies into the trusted sites zone. Keep in mind that it is necessary to enable cookie setting on most e-tail sites to keep track of your shopping cart.
      _____________

      --
      I don't want free as in beer. I just want free beer.
  6. Will be ineffective against offshore websites by Sanity · · Score: 2
    As has been found by many European countries who have "Data protection" laws designed to protect people's privacy, the fact that you can't apply your country's laws to foreign websites may make this rather ineffective.

    --

  7. Why legislate? by luckykaa · · Score: 2

    We already give permission. Netscape allows a warning before cookies are accepted. This isn't perfect, but it does the job. Lynx (and a few others) ask before accepting cookies and give a yes/no/always/never option. IE allows a trusted sites, untrusted sites distinction. Added to this are a huge number of third party cookie blocking solutions.

    We just need to be warned that people are using cookies and how they're using the things.

  8. different types of cookies? by www.sorehands.com · · Score: 2
    It does not say much about different types of cookies; actually different uses.

    Cookies to save login id is not bad. Cookies by doubleclick to track across sites is another story.

    But, isn't someone leaving data on your computer and picking them up without authorization a form of computer tresspass? Just because it can be done does not mean it is authorized. Leaving a window open on a house does not mean that a person is allowed to climb through it and take a nap.

    --
    Fight Spammers!
    1. Re:different types of cookies? by use_preview · · Score: 2
      Leaving a window open on a house does not mean that a person is allowed to climb through it and take a nap.

      And if they do climb through and take a nap, they'd better do it in the bedroom.

  9. won't change anything by peccary · · Score: 2

    So now, every web site will add a boiler-plate disclaimer and an "Enter" button. Ok, you've been informed, you consented, now we'll get down to tracking.

    Or alternatively, they will move to a different regulatory jurisidiction, say, Anguilla.

    Unless the people care about their own privacy and take steps to protect it, there is little the state can do that will matter. The most important thing the people need to do is stop divulging personal information for any purpose.

  10. Re:I can see a loophole that can be exploited heav by Sodium+Attack · · Score: 2

    How is this a loophole? Seems to me this is how it ought to work.

    --

    Never take moderation advice from sigs, including this one.

  11. The obligatory four questions by Cerlyn · · Score: 2
    • The first attempt to pass this bill failed. What are the odds of it passing this time, especially in the face of corporate lobbyists?
    • How might this bill be modified as it passes through the legislature? Could it become the opposite of what was originally intended?
    • Site A contracts site B to provide inline content/ads/etc. for their site. What does site A have to report about site B's policies? What happens if site A's understanding about site B's rules is incorrect, or site B changes them without contacting site A?
    • How explicitly will companies have to spell out details of their user tracking techniques? Too many web sites use the phrase "basic user information such as..." in their privacy policies, allowing them to give an incomplete list.