Sweden Crunches Cookies

← Back to Stories (view on slashdot.org)

Posted by michael on Friday July 25, 2003 @12:42AM from the chocolate-chip dept.

dillkvast writes "According to this article (swedish) at ComputerSweden swedish websites must now have the user's consent to use cookies. The law also states that the user is to be informed of what the information stored in the cookie is, and its intended use. This leaves swedish website with two options: No cookies at all, or a special page where the user is informed of the cookie use and can choose to either accept or reject the cookies. This represents a huge problem for swedish sites which use .asp and .php session variables, the article states, which will have to rewrite their sites to present the user with a chance to confirm that cookie use is ok. The law comes into force today."

5 of 401 comments (clear)

Min score:

Reason:

Sort:

mostly not a problem: by Neophytus · 2003-07-25 00:44 · Score: 4, Interesting

mostly not a problem:

do you want to remember my password (uses cookies) (x) yes ( )no
Most forum software has the option to use/not use cookies (and as such sessions are passed through urls) so that shouldn't be a problem either for non-lazy coders.

Actually, scratch that, most websites will just ignore the law and get on with life.
1. Re:mostly not a problem: by JRSiebz · 2003-07-25 01:19 · Score: 4, Interesting
  
  You're wrong.
  
  When you have user log-in to a particular part of the site, you need to store username, password information, and some other session variables in a cookie, so that on subpages within the part that needs to be logged into can check to see is the user is properly logged in. I like to check to see if the user is the actual user I think they are.
  
  I guess you've never used php before.
  Especically a for site you need to log into.
  Hope this law never passes in the US, if you dont want cookies from a site, don't go there.
  
  Does this low allow you to deny service to a user who doesn't accept the use of cookies?
2. Re:mostly not a problem: by orkysoft · 2003-07-25 02:15 · Score: 4, Interesting
  
  Seems like this law is all about outlawing cookies that often come with banner ads.
  
  --
  
  I suffer from attention surplus disorder.
Christ, what next by joshv · 2003-07-25 00:45 · Score: 4, Interesting

How is this any different than session IDs stored in URLs - i.e. URL re-writing. Sure, the person can see the info in the URL, but do they understand it any more than they would the contents of a cookie?

-josh
A compromise solution by mikech@rbsgi · 2003-07-25 00:51 · Score: 4, Interesting

A compromise solution would have been to disallow cookies that live longer that the user's session. Session cookies are very useful for JSP, PHP, etc. Long-lived (persistent) cookies are the real concern of the privacy folk. I'm surprised that no one presented this.