Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Cookie Consent Banners Draw Complaints

Posted by timothy on from the well-that's-a-surprise dept.

nk497 writes "Earlier this year, the UK's data watchdog the ICO started enforcing an EU rule that means websites must ask visitors before dropping cookies onto their computers. However, it was willing to accept 'implied consent' — telling visitors that cookies are used on the site, and assuming they were fine with that if they keep using the site. That led to banners popping up on every major website, including the ICO's site, warning users about cookies. Now, the ICO has revealed that many of the cookie-related complaints it's received in the past six months are actually about those banners — and the law itself. The ICO said people 'are unhappy with implied consent mechanisms, especially where cookies are placed immediately on entry to the site,' adding 'a significant number of people also raised concerns about the new rules themselves and the effect of usability of websites.'"

26 of 108 comments (clear)

  1. Baffled by Anonymous Coward · · Score: 3, Insightful

    Why do I need a law about cookies when I can very easily manage who I allow to put cookies on my machine? Why would I trust a third-party site to respect my wishes on cookies? This whole thing seems like government overreach to me.

    1. Re:Baffled by Trepidity · · Score: 2

      very easily manage

      I think you will find this is not true for the vast majority of people.

      However, this regulation doesn't seem to really improve matters, either.

      --
      10 PRINT CHR$(205.5+RND(1)); : GOTO 10
    2. Re:Baffled by GuldKalle · · Score: 2

      If they really wanted, they could have forced the browser makers to ask about cookies by default. More secure (no chances of sites deploying cookies behind your back) and more user friendly (user can change settings once and for all).

      --
      What?
  2. Irony by Rik+Sweeney · · Score: 5, Interesting

    These banners annoy the living crap out of me. Every time I go to a website, they pop up, obstructing the screen.

    Of course, there is a way to make them go away, by accepting the cookies on the website.

    Whereas before I could just discard cookies upon exit, I now have to permanently accept them just to stop these banners appearing.

    Oh, the irony!

    --
    Summation 2
    1. Re:Irony by Anonymous Coward · · Score: 2, Informative

      Use an adblocker to block the <div> they're related to. Job done!

    2. Re:Irony by wangi · · Score: 2

      Kwikfit: http://www.kwik-fit.com/
      (but in doing so, and giving four levels of cookie control it's way too complicated)

  3. Most users are not geeks by tepples · · Score: 5, Insightful

    Why do I need a law about cookies when I can very easily manage who I allow to put cookies on my machine?

    Because most users other than you have not been trained in how to "very easily manage who [they] allow to put cookies on [their] machine".

    1. Re:Most users are not geeks by IamTheRealMike · · Score: 4, Insightful

      You don't need to be trained. If you hear about this issue and care, you can just search on Google for "how to disable cookies" and get the main browsers help pages right at the top. This isn't exactly rocket science.

    2. Re:Most users are not geeks by Fallingcow · · Score: 4, Funny

      Is the Google in my Internet? I don't think I have the Google. My Internet is Comcast.

    3. Re:Most users are not geeks by dmacleod808 · · Score: 4, Funny

      you forget the subset of the population who does not fundamentally understand how to use google. Step 1. Go to google.com Step 2. Search for Yahoo. Step 3. Click on yahoo. Step 4. Search for gmail.

      --
      There Can Be Only One...
    4. Re:Most users are not geeks by Obfuscant · · Score: 4, Insightful
      It's a natural response to a computer system where you have to double click some things to get them to do something and single click others. Why waste time clicking once, waiting to find out that nothing happened, and then have to double click it again?

      Same computer, same mouse, same display, different actions.

      I find this to be an issue even in Linux. My desktop has a firefox icon on the desktop, and one in the taskbar at the top. On the desktop, click twice. In the taskbar, click once. I'm very used to seeing the warning from firefox that there is another instance running ...

    5. Re:Most users are not geeks by tepples · · Score: 2

      All anyone really has to know is that: web sites use cookies, and what are the simplest, most basic ways that they are used by web sites. Then you use the cookie managing settings in your browser

      That's not enough. Adobe Flash Player has its own cookie storage, for one, and HTML5 added localStorage.

      Do you really have to be a geek to get that far?

      Yes. As new web technologies add new techniques for saving the state between one offline session and the next, users will need to find new ways to manage these stores of state.

      Rather than passing a law that, in saving the most ignorant from themselves, inconveniences everyone else, why not try to educate people a little, instead?

      Because education doesn't get politicians reelected.

    6. Re:Most users are not geeks by frisket · · Score: 4, Insightful

      Setting application preferences is hardly a "skill."

      Oh yes it is. Most users have absolutely no idea you can even do this.

      Do you really have to be a geek to get that far?

      Unfortunately, yes.

    7. Re:Most users are not geeks by tlhIngan · · Score: 2

      If only there were some kind of way for people to find out how to drive, say through widespread knowledge of a training and licensing program by the state.

      Of course, people should be expected to understand and manage not just regular cookies, but the Flash database [also used for cookies], your browser local-storage [also used for cookies], and probably other places, and know how multiple websites may store/use one or more of these locations to track what you are doing when you visit a single web page. Of course, each browser handles each of these things differently.

      At which point do we decide that people "need to know this to use a computer" and "you don't need to know this"?

      After all, you need a license to drive, so they teach you the laws regarding the rules of the road and the courses tell you how to maneuver the car along the roads. But its not required to know, say, how to change your tire, how to check the oil, how to change the oil, etc. So there's some line that has to be drawn somewhere.

      Likewise, would scouring your hard drive for cookies be considered of "checking the oil" difficulty? Or a rule of the road? Hell, how many people even know about cookies?

      Or should we say everything that an iPad allows you to do should be required knowledge?

      Yes, users should know the basics, but what ARE the basics? Do we expect them to be techies?

      I mean, given the popularity of smartphones, tablets and other locked-down walled gardens, perhaps "basics" has gotten to the point where everyone who drives needs to know how give their car a tuneup, change the air filter, change the oil, etc. (And yes, you can go through car ownership without doing any of those things by bringing your car in for service and having the mechanic do it).

  4. Step 1... by fuzzyfuzzyfungus · · Score: 4, Insightful

    1. Law is passed in an attempt to curtail your behavior.

    2. You object to this law and wish to continue doing whatever the fuck you want.

    3. You implement the most annoying clickwrap contract-of-adhesion you can come up with to stay within the letter of the law, continue doing whatever the fuck you want, and imply to your customers that regulatory meany-heads are to blame for their experience sucking.

    4. Profit!

    1. Re:Step 1... by Anonymous Coward · · Score: 4, Informative

      By purposfully mis-interpreting the law, both in action as in "oh whoo me" bullsh*t messages going out to Joe public.

      For instance: websites do not need to ask for permission for cookies needed for the programs on the site itself needed to run it -- they are just not allowed to keep any identifiable info after the visitor leaves.

      As for a ruling most websites most often conveniently forget ? That they must provide information what they will do with the personal identifiable data once you accept that cookie.

      Oh yeah, and the minor point that its not actually about that cookie, but instead of them not being allowed to follow you (no matter the method, including stuf like 1x1 images on the webpage) as long as you do not agree to it.

      Yes, many of them they have interpreted the law either as not to effect them (for whatever reason), as a kind of EULA thing (You do not need to know what you are agreeing to, just click "OK" and all will be fine), or have created a popup hell for the user.

      Oh, by the way: Did you know that cookies without personal identifiable data in them are already exempt from that cookie law ? Meaning that something like a "FollowMe=No" cookie may be placed without even needing to ask the visitor ? I'm sure they do not (want to) know that either.

      Captcha: detach
      How fitting.

  5. Of COURSE There Are Complaints! by Y-Crate · · Score: 4, Funny

    They're not Biscuit Consent Banners!

  6. Typically devised by idiots by Anonymous Coward · · Score: 5, Insightful

    The cookies system of consent might be ok if they had been devised by three year olds, but having left it to overpaid politicians, they are not.

    Specifically:
    1. they popup for all sites
    2. they cost users money since its extra bandwidth; on mobiles with the crappy browsers, often clicking on ok, assuming you can actually hit the silly little X icon, result in a retransfer of the web page
    3. almost none of the web sites understand who you are, so you see them continuously
    4. they appear right in the middle of the (pitifully few words of) text which appear on most web sites
    5. they are difficult/impossible to block across the range of browsers a real user needs
    6. most people, myself included, have no clue what the point of this exercise is

    Sure, I dont want to be tracked - so just dont track me. Dont put pointless garbage on my screen which nobody cares about.

    Honestly, bring back the three year olds !

  7. Not so much about usability by Anonymous Coward · · Score: 2, Interesting

    Joe Schmoe is just going to click away the banner.
    I.e. usability of all the sites remains pretty much the same. It's just that every site now shows an irritating pop-up which any Joe Schmoe will click away before continuing the way things were in the first place.

    Net positive effect: Zero.
    Net negative effect: Nothing accomplished, all the same privacy issues are still there but it takes a click more to use those sites.

  8. Of course it is hard by mlwmohawk · · Score: 2

    The spirit of the law is to protect users. The people creating sites don't care, and are, in fact, hostile to any such consideration.

    In all reality, cookies enable some pretty good behavior on web sites, but more often than not, are designed to track user behavior against their own interests.

    1. Re:Of course it is hard by omnichad · · Score: 3, Funny

      cookies enable some pretty good behavior on web sites

      Right. If you don't block cookies using browser settings, the web site needs to store a cookie on your computer to remember that you don't want to store cookies!

  9. Mod Parent +1 Insightful by JoshDM · · Score: 4, Funny

    Dear Mom, I would give you all my moderator points if I had them. Now please stop using the computer. -Josh

  10. Comment removed by account_deleted · · Score: 5, Insightful

    Comment removed based on user account deletion

  11. Mobile Browsers by timmyf2371 · · Score: 2

    By now, I think we all get it - non-techies included; if we visit a website, we might get a cookie installed onto our computers. These intrusive banners have made that perfectly clear to the point where it is now extremely annoying.

    I especially hate it on my phone. Due to the nature of my interactions with apps like Twitter, I quite often end up visiting sites I've never visited before. And these floating banners with the X are incredibly difficult to close and get rid of - hampering my browsing experience.

    I understand that the people who came up with this idea probably had their heart in the right place, but seriously, it really needs to stop.

    --

    Backup not found: (A)bort (R)etry (P)anic
  12. Re:A Better Concern by Miamicanes · · Score: 2

    Basically, programming convenience and bug-avoidance. This is a particularly big deal with languages like PHP that embed server-side code into HTML content -- by the time your code realizes that it needs to store something in session context, the header has already been committed (and probably sent). It's not *completely* impossible to work around, but it's a major pain. It's much easier to just set the cookie and establish the session so it'll be there and ready to use when and if you end up needing it.

    In any case, the tantrums some people throw about cookies and "storage space" border upon absurd. The most low-end and ghetto throwaway Android phone money can buy has more ram and storage space than a high-end workstation did ~10 years ago. In some cases, it takes more storage space to store the cookie's filename than it takes to store the cookie's payload. Getting mad about being wantonly-tracked everywhere is one thing, but getting mad because a site is consuming a block of hard drive space or a few cells of flash (whose marginal cost is probably a fraction of what it cost to climate-control the air you just inhaled a moment ago) is silly.

  13. Without a cookie, you cannot log in by tepples · · Score: 2

    There is no benefit for their use to me on 90% of the pages I visit.

    All that tells me is that you browse more web sites as a visitor than as a registered user. Without a cookie, you cannot post on Slashdot as h4rr4r; you can only post as Anonymous Coward. Without a cookie, you cannot read your webmail. Without a cookie, you cannot buy things from online stores that use a shopping cart (your cart ID is stored in a cookie) or 1-click shopping (which requires being logged in); instead, you have to copy and paste all the SKUs into the window with the payment form. Or would you prefer that all web sites switch from cookies to HTTP basic authentication and that online stores require users to create an account in order to shop (so that the user ID can be used as the cart ID)?