Slashdot Mirror

← Back to Stories (view on slashdot.org)

"Breathtakingly Stupid" EU Cookie Law Passes

Posted by kdawson on from the uac-plus-plus dept.

Reader whencanistop writes with some details on an upcoming EU law that slipped under the radar as it was part of the package containing the "three strikes" provision, which attracted all the attention and criticism. "A couple of weeks ago we discussed the EU cookie proposal, which has now been passed into law. While the original story broke on the Out-law blog from a law perspective ('so breathtakingly stupid that the normally law-abiding business may be tempted to bend the rules to breaking point'), there has now been followup from a couple of industry insiders. Aurelie Pols of the Web Analytics Association has blogged on how this will affect websites that want to monitor what people are looking at on their sites, while eConsultancy has blogged on how this will impact the affiliate industry. In all of this the general public is being ignored — the people who, if the law is actually implemented, will have to proceed through ridiculous screens of text every time they access a website. I know most of you guys hate cookies in general, but they are vital for websites to know how people are accessing the sites so they can work out how to improve the experience for the user."

4 of 447 comments (clear)

  1. Re:I don't see the stupidity here by alta · · Score: 5, Insightful

    I know this isn't going to be looked on well here, but here are my pro cookie, pro marketing comments...

    1. Someone above complained about companies selling the data that they collect. As though it's the most terrible thing in the world to do. Guess what, every company that collects demographics about customers (grocery stores by example, the only way to not get tracked it to pay by cash. You don't need one of their store cards because they'll match your banking account numbers and STILL build a profile) and then sells them. How many useful websites on the internet are driven by 1. Selling demographics, 2.) Ad revenue. Making cookies opt-in kills both of those things. How much is /. charging you guys? Ask them what'll happen to their ad revenue if cookies are suddenly opt-in. Yeah, they can still technically serve the ads, but they will no longer be as accurate to the viewer, nor will they be tracked as well... meaning less profitable for the ad agency and the publisher.

    2. Affiliate marketing... There are a lot of other sites with good information (a book review site comes to mind) that I enjoy. They all keep the site running by giving affiliate links to the products, say to a book on amazon. Kill that for them, and you kill their revenue.

    So, would you propose that the people running these sites force the customer to consent before they allow them to use their services?? No, that won't work because they can only make them accept to their cookie, not the one downstream they actually get paid on. People have been so scared from cookie FUD that they will deny %90 of the time, and STILL kill many sites because their revenue has dried up.

    I think this law, if they have to make one, should be more specific and say what you CAN'T use cookies for.

    AND btw, affiliate links would be fine if we could JUST identify the computer, we do not need to identify the individual.

    --
    Do not meddle in the affairs of sysadmins, for they are subtle, and quick to anger.
  2. Re:I RTFA and don't find it to be all that bad at by MoralHazard · · Score: 5, Insightful

    Yeah, total agreement, here. This stupidly transparent, self-serving quote says it all:

    "...but they is vital for websites to know how people are accessing the sites so they can work out how to improve the experience for the user."

    User experience? WTF? Sorry,but the only reason you need invisible-to-the-user cookies is so you can monetize them without them realizing just how much privacy/anonymity they're giving up. Because that might give users pause before they accept your cookies, if they had an informed choice.

    And everybody here knows that. The quoted jackass in TFS is just trying to make his industry look like a victim, to drum up support from civil-liberties sympathizers on Slashdot. Too bad we're not that dumb...

    As an employee of the advertising industry, I have zero problems with monetizing Internet traffic, or with using cookies to track user behavior, etc., etc. But I hate liars, and I hate people who try to manipulate me.

  3. All cookies are always used with consent. by Anonymous Coward · · Score: 5, Insightful

    Now, what else are cookies used for, that consent should not need to be given for?

    This is an irrelevant and distracting question, because cookies are always used with consent.

    A web server replies, in response to a request initiated by the user, with a header that says, "Here's a little piece of information and I hope you pass this back to me on subsequent requests."

    The user's agent -- software chosen by the user to do whatever it is that they're trying to do -- sees this completely advisory information and decides, perhaps even with a confirmation dialog with the user (or not, if the user has decided that they usually want the same behavior every time without getting bothered), to store this information. And then it decides to pass this information with the next request.

    The entity the user is communication with, ultimately has no choice about whether or not the user really does this. It's all up to the person who is using the browser. Or, in very old browsers that don't have dialog preferences for cookies, it's all up to the browser's author, to whom the user decided to defer to when they install the software.

    Cookies don't do things. Users do things with cookies. Servers reward users for deciding to send the cookie.

    If you have chosen to transmit cookies, take responsibility for your decision, instead of crying to the government and demanding that cookies never be offered to you.

  4. Re:I don't see the stupidity here by KlaymenDK · · Score: 5, Insightful

    The stupidity is this:

    You can, could, and still will be able to block cookies in your browser, so whatever web site operators are doing with them, it isn't going to affect your privacy or "trackability".

    But, it sounds as if this new law requires the web site operators to show you screen after screen of "permissions" to continue. These permission requests are stupid as EULA dialogs, Vista-like "admin authorisation" dialogs, etc, because they (a) don't offer a meaningful change in values (be it trackability or privacy), and (b) annoy the hell out of users. I won't go into how (c) these crap warnings numb users to real warnings, which they will also mindlessly click through.

    I can't decide whether this is Brazil-style bureaucracy galore, or Eastern Standard Tribe-style anti-productivity warfare.

    --
    "Good news, everyone!"