Cookies aren't egrigious because the end user has the right and ability to turn them off.
Cookies do help some of the time.
And above all else: You can always choose not to visit, use or buy from a site whose practices you do not agree with.
I agree fully. That's why I delete all cookies at browser shutdown except for those in my whitelist. I have the right to turn them off (or delete them in my case), they do help some of the time (which is why I leave them on and just delete them after the fact, making them into session cookies, essentially), and I can choose not to visit (or allow persistent cookies from) sites whose practices I don't agree with (and whitelist those whose practices I do agree with).:)
I don't mind when they ask for my zip code. Using a credit card will require that sometimes. However, the last time I went to them for some gear (and it will be the *last* time), they asked me for: -Zip -Phone number -If I wanted a free fucking magazine subscription -something else
I don't know what the last thing was because at that point I dropped the shit on the counter and walked out the door.
Most likely what you should be looking for is a feature not to disable cookies entirely, but only to allow
a) session-duration cookies ONLY, or
b) cookies associated with websites that don't collect personal information.
You need to re-read what I said. Your a) is basically exactly what I do. All persistent cookies become session cookies unless I whitelist your site.
Well, the fact that it doesn't work, for one. If you only delete cookies at shutdown, then for as long as you have your browser open (sometimes days, for me)...
Well, I don't do that. I generally close programs when I'm not using them. Although you could have it set to delete your cookies every hour, or whatever fits how you use your computer. The point isn't in the precise details, it's in the throwing of the monkey wrench into their tracking system.
Good luck getting another credit card after the first time you decide to pull that trick. You do know that all the credit-issuing banks communicate with the credit reporting agencies on a regular basis, right? And you do know what your credit score is, right?
My credit score is incredibly high. Mainly because I cancel credit cards when the card issuer starts being a dick. I stick with card companies who don't give me any problems.
So? Legal limitations only mean that the police can arrest people who violate those limitations. This won't stop someone who is determined to become a criminal from doing things which, legally, banks are not allowed to do. I work for a bank. There's all kinds of things I could do that go beyond those limitations, but I don't do them.
Agreed, but the consequences of those actions are pretty far reaching, therefore most banks don't have such issues. Really, this is a non-problem. I opt out whenever I can and don't deal with banks that screw people over. Do you do anything less?
Then, where will you get your black currant jelly?
It's a simple matter of what I can protect by my actions.
In order to purchase something online, I have to give that CC info. There's really no way around it. Once they have it, there's little I can do to stop them using it in various ways. I can take very little action to protect it at that point.
Site visit info I can defeat myself, just by blocking/deleting cookies. So I do just that. If I can take some form of action to prevent them from storing my CC info, I do that too, but most online stores don't have that option.
I would rather them not store any info about me at all. So I prevent them from storing what I can prevent them from storing, that's all.
Because we're not paranoid nutjobs and we grasp the concept that corporations are groups of people?
Yes, exactly. And groups of people are capable of making decisions that no individual in that group would consider reasonable, sane, or even good.
Have you never been involved on a committee?:P
Corporations, at worst, provide anonymity for individual decisions makers.
Decisions made in larger organizations generally don't have single decision makers, they produce teams to make decisions, or a board and such. These people work off recommendations of other teams, and in the end, they can make decisions that are incredibly stupid and which any one person would be able to look at and say "what the fuck were you people thinking?"
The point here is that a person is generally sane. But a group is generally a mob. Groups behave differently than individuals, and they do so in fundamental ways. Groups can even commit great evils without blinking, so you always have to be careful when dealing with a group, or a corporation.
It's actually quite a widespread thing. I forget where I initially heard it, but nowdays when I suggest it to people, they agree and understand why without me having to explain it, more often than not.:)
If you go to any kind of internet gathering, get everybody there to swap theirs around. Get them to do it at other long distance gatherings. If anybody's watching the data, it will appear that people are moving across the country way more than normal. Completely shoots their data mining to hell too, if you can get enough people involved. So spread the word.:D
Well now that depends, what if you are going to buy widget X from some store, but this one store that pays attention to you realizes this ahead of time so they put a price on widget X that is 10% lower than everyone elses?
If they can sell that widget for lower than everyone else and think that they'll actually make more profit, then why weren't they doing that before? Why isn't their regular price 10% below everyone else's?
I've seen this argument a fair amount in this thread, and frankly I don't see that customized pricing on the individual level makes any sense. It doesn't allow them to get their profits up any, because people generally don't look for items on a product by product basis. They do comparison shop for larger items, but these are few and far between. For the vast majority of stuff I buy, I buy it at places that have consistently good prices and who have good service.
For online purchases that means fast delivery, low prices, not trying to rape me on shipping costs, and good customer support if I have a problem or need to make a return. Lowest price might get me to try a store once, but it won't keep me coming back. I know lots of stores that I'll never use again because they screwed me on shipping costs on my first purchase.
Personalized prices will make me leave a store and not shop there, period. Because while they might have a good price, I know that they might be simply screwing me when they could sell it lower if I had some kind of different "profile" in their system. No, fuck that. You give me the lowest price you can handle all the time. It doesn't always have to be the lowest in the world for me to buy it from you. I'll pay more for better service.
But I will absolutely not abide you treating me as a "profile" and charging me more than you have to because you think you can get away with it based on what you know about me. That's just exploiting your data collection and trying to screw me over. No thanks.
Get adblock, only allow cookies to be set by the originating website and use a hosts file that blocks most ad sites and then you won't have to worry about it.
Holy crap that's a lot of work. I simply changed my preferences to "delete cookies at shutdown" and then add sites I want to remember me on a site-by-site basis.
Far, far simpler. Far, far more effective. When I find a new site and decide I want them to remember me, I simply add that new site to the whitelist. No hosts file slowdown (and no need to maintain the hosts file), no need to change any settings which don't work in the long run (what if I visit originating website directly somehow?), no need to use an adblocker (not for that purpose anyway). It's simple, it's low maintainance, it's more effective. What isn't there to like? So it screws up some poorly designed website's privacy-invading user-tracking statistical analysis. Tough shit to them then.
As you said technology to track from website to website and identify a person is unavailable at this point, so your privacy remains intact.
Dunno where I said that. As soon as you make a purchase, he has your information. By placing his banner ads on other websites he can have his cookie sent back to him when you view that ad. Voila, personalized, site-to-site, tracking.
He already has the stuff to do it in place, with just one persistent cookie. So I block them all until I trust that site. Simple.
When I say "know their customers" i dont mean that they know them individually, i mean that they know the general inclinations, trends, etc about their customer base as a whole.
Fair enough, but getting that data doesn't mean that they need to individually enumerate every customer with an individual ID and track their every movement and have the ability to look at what each of them does on a second by second basis.
It's not that they actually *use* that potential. But the potential is there nevertheless. The potential of adding a unique ID, persistent cookie, is going way, way, WAY beyond just "getting aggregate data", even if that does happen to be all they actually use it for.
And honestly, you make almost no differnce to those people if you individually dont want cookies. That doesnt make you any differnt than most privacy advocates who simply like to remain safely anonymous.
Individually, no, but then again, look at the original article that we're debating in the first place. When enough individuals start taking action, they have an impact.
Oh, and it certainly benefits the customer if the business uses that information to change how it stocks or even what it stocks to better serve demand. That lowers costs, which leads to lower prices.
My problem is not in them having aggregate information. My problem is that the way they obtain that information does not agree with the information that they are claiming to obtain. They don't need to track every user of their website from page to page on a persistant basis to know most of the things that you are suggesting. It's overkill, by a huge amount.
Every business in existance wants to do one thing; sell you stuff. If you can't see how tracing someone's path through a website to a purchase may make it easier for them to sell more stuff then you are an idiot. If you can't see how a store wanting it to be easier to sell you stuff is better for you then you are an idiot.
I see those things perfectly clearly. However, unlike yourself, I also see that they probably do not have my best interests in mind when they are trying to "sell me stuff". My best interest is to deny them the ability to more effectively sell me stuff and use my own damn brain to decide what I want to buy, eh?
Knowing if you are the same person is the difference between saying "only 1 out of 3 people ever buy anything" and "People visit our site 3 times before buying something"
Why does he need a cookie to determine that information? Answer: He doesn't. He could base it on IPBlock for that matter. Dynamic IP problems are usually solved by considering it as a netblock instead of on an IP by IP basis. Yes, it fuzzs up the data a bit, but not enough to be unable to say "people visit 3 times before buying anything". I mean, that's a pretty fuzzy statement already.
The point being that despite what he says, he doesn't need to set a cookie to get that infomation. He *does* need a cookie to correlate who I am with what I look at on his site. And I don't want him to have that info. Sorry, but no sale. Without him telling me why he's tracking my views of his site, I cannot know what he's doing. And even then, I'd have to trust what he tells me.
In any case, cookies are being deleted regularly nowadays, so he'll have to stop being so lazy and actually track by IP, which is what he should have done in the first frickin' place instead of gathering way more data than he actually needed and thus invading the privacy of his customers.
If the said company already has your information, why does it matter if they know how often you come to their site, and where you go on the site, and which sites they get click throughs from?
Getting my name and credit card number is trivial. So is getting yours. Anybody could have that, it's mostly freely available information if you're not completely clueless. In other words, that's not information I try overly hard to protect.
Companies collect this information in aggregate, nobody cares about you and the few pages you looked at unless they have data for thousands of other people as well.
I agree, however, do you think they throw this data away after they have their aggregate information? No, because they might want to sort it by some other thing later and draw different info from it.
So all that raw data is lying around somewhere. And if I happen, later down the line, to piss somebody with access to that data off (this is not as much of a long shot as you might think, I piss a lot of people off regularly) then they might go mining that data for info about me to use against me in some fashion.
Now yes, that is a little paranoid... But it's so simple to eliminate that entirely by simply muddying up the data trail that it's a simple cost-benefit thing. It costs me nothing to muddy up the data a bit, and the potential benefit is small, but more than nothing. So QED, might as well do it. It hurts me not in the slightest to do just that.
That isn't assessing risk on a case by case basis, its ASSUMING high risk and contravention and only later opening up.
Assessing risk on a case by case basis would mean you think both +ve and -ve and get to an answer. Saying NO! everytime just indicates that you are either paranoid or work in Microsoft desktop support.
But removing persistent cookies isn't a "NO!" response. A NO! would be blocking cookies entirely. That's my -ve position.
My +ve position is whitelisting, allowing persistent cookies.
But my neutral position is the default one. Allowing persistant cookies, but changing them into session cookies (essentially). This allows all the persistant cookie crap to actually work properly, but doesn't allow the person to track me across sessions. That's the "don't know yet" position. When I have enough info to know, then I either block or allow the site to set cookies.
"Knowing me" means knowing my name, shaking hands, asking me about things we've discussed in the past. That's being friends with somebody. That's knowing them. That's what your idea of the "clerk who recognizes your face" is about, no? The little guy running the corner market, sort of thing.:P
Some dude running a website on the opposite side of the country will never know me. At best, he'll know what I've bought from him and other website owners that he shares information with or advertises with. Knowing what I buy doesn't mean he "knows me". It means he's treating me as an impersonal entity to be exploited, somebody to attempt to get more money from. It doesn't mean he's treating me as a fellow human being deserving of respect and friendship.
No, fuck that, I'll remain a stranger to that guy across the country running a website, and I'll know the guy who sells me my fresh fruit down on the corner market, and I'm quite comfortable with that and don't see it as a conflict whatsoever.
Do you insist the security tapes are turned over when you shop at stores?
If I thought it feasible, yes, I would. It's not feasible, so no, I don't.
Do you pay only in cash? Its hard to pay cash online, but presumably you use credit cards. Why do you trust them with your info? Its easy to track where you shop with that.
I trust my credit card company, because hey, it's their money I'm spending. If they decide to be bastards, then I'll just not freakin' pay 'em.;-)
Do you know the people at your bank?
I know that a bank has legal limitations on how it can deal with customer information and I'm comfortable with those limitations.
How about the people at the stores you shop at? Do you not use any of those shopper cards at the grocery store (I don't)? No Costco membership, or library card?
I have a grocery card. It says I'm a 57 year old black woman named "Monica". Or at least it did, I've traded with other people several times. Dunno who's identity I'm shopping with now.:)
You know, you're logged into/., do you trust the people there with knowledge of what stories interest you?
I read nearly every story on/. at one point or another, so it's not like there's a lot of information to be gleaned from that one.:P
Feel happy in your paranoia, me I just assess risk on a site by site, and business by business basis.
How in the hell is that any different from what I actually said? I delete all cookies, and whitelist the people I trust to not delete their cookies. Is that any different from "assessing risk on a site by site basis"? Once I feel comfortable that he's not going to abuse this info, then I might whitelist him. Until then, why in the hell would I want to give him the capability to track my browsing easily?
I'm sure that you're not suggesting that you buy things from websites that you dont trust....
Why not? Buying things online means, at worst, giving out info from a credit card. If they prove untrustworthy, then I call up the credit card company and reverse the charge. Trust does not have to be involved to engage in a purchase. You buy from people you don't any basis of trust for all the time.
However, WTF would he need to know I came back to his site later? WTF would he need to know that I visited his site several times over a period of a week and eventually purchased something? Why would he need to know what products I looked at each of those times I visited? That information could be used to build up information about me that I might not want him to have. He doesn't have need for that information, and since I don't trust him, I should attempt to deny him the ability to collect that information.
Furthermore, if he's a marketer, he can place his ads on several sites and track me via cookies from site to site. He can see what sites I frequent, he can see my reading habits... once I buy something from a site, he can track that and correlate all this to my identity.
I'm not paranoid, because I don't think anybody is actually doing this sort of thing at the moment. However, the capability is there. I remove cookies to make this sort of thing that much harder to accomplish. Not because I think they are doing it, but because the potential is there for them to do it.
only incidently linked to their contact info because we never correlated the data together... Does that still make me evil?
Yep.
If you have the *ability* to do it, then somebody in your organization eventually will decide that it sounds like a good idea.
This is why all my browsing is cookie-free (or rather, cookies being allowed on a whitelist basis and everything else removed on browser shutdown). I don't want you to have that ability to track what I do on your site for very long. Regardless of whether you use that ability or not, I don't trust you to behave properly with that information. Why should I? I don't know you.
Slashdot Mirror
And what happens when they do correlate everything? What exactly are you trying to prevent from happening?
Wrong question. The correct question is what do I have to gain by them amassing this info on me and my activities?
I can't think of anything that would be to my benefit, which is more than enough reason to put a stop to it, IMO.
Cookies aren't egrigious because the end user has the right and ability to turn them off.
:)
Cookies do help some of the time.
And above all else: You can always choose not to visit, use or buy from a site whose practices you do not agree with.
I agree fully. That's why I delete all cookies at browser shutdown except for those in my whitelist. I have the right to turn them off (or delete them in my case), they do help some of the time (which is why I leave them on and just delete them after the fact, making them into session cookies, essentially), and I can choose not to visit (or allow persistent cookies from) sites whose practices I don't agree with (and whitelist those whose practices I do agree with).
I don't mind when they ask for my zip code. Using a credit card will require that sometimes. However, the last time I went to them for some gear (and it will be the *last* time), they asked me for:
-Zip
-Phone number
-If I wanted a free fucking magazine subscription
-something else
I don't know what the last thing was because at that point I dropped the shit on the counter and walked out the door.
Never again will I return there.
Most likely what you should be looking for is a feature not to disable cookies entirely, but only to allow
a) session-duration cookies ONLY, or
b) cookies associated with websites that don't collect personal information.
You need to re-read what I said. Your a) is basically exactly what I do. All persistent cookies become session cookies unless I whitelist your site.
Well, the fact that it doesn't work, for one.
If you only delete cookies at shutdown, then for as long as you have your browser open (sometimes days, for me)...
Well, I don't do that. I generally close programs when I'm not using them. Although you could have it set to delete your cookies every hour, or whatever fits how you use your computer. The point isn't in the precise details, it's in the throwing of the monkey wrench into their tracking system.
Good luck getting another credit card after the first time you decide to pull that trick. You do know that all the credit-issuing banks communicate with the credit reporting agencies on a regular basis, right? And you do know what your credit score is, right?
:P
My credit score is incredibly high. Mainly because I cancel credit cards when the card issuer starts being a dick. I stick with card companies who don't give me any problems.
So? Legal limitations only mean that the police can arrest people who violate those limitations. This won't stop someone who is determined to become a criminal from doing things which, legally, banks are not allowed to do. I work for a bank. There's all kinds of things I could do that go beyond those limitations, but I don't do them.
Agreed, but the consequences of those actions are pretty far reaching, therefore most banks don't have such issues. Really, this is a non-problem. I opt out whenever I can and don't deal with banks that screw people over. Do you do anything less?
Then, where will you get your black currant jelly?
I'm a grape man myself.
It's a simple matter of what I can protect by my actions.
In order to purchase something online, I have to give that CC info. There's really no way around it. Once they have it, there's little I can do to stop them using it in various ways. I can take very little action to protect it at that point.
Site visit info I can defeat myself, just by blocking/deleting cookies. So I do just that. If I can take some form of action to prevent them from storing my CC info, I do that too, but most online stores don't have that option.
I would rather them not store any info about me at all. So I prevent them from storing what I can prevent them from storing, that's all.
Where did advertising come into this? I wasn't speaking about ads at all. We're talking about cookies here, not adblocking.
Because we're not paranoid nutjobs and we grasp the concept that corporations are groups of people?
:P
Yes, exactly. And groups of people are capable of making decisions that no individual in that group would consider reasonable, sane, or even good.
Have you never been involved on a committee?
Corporations, at worst, provide anonymity for individual decisions makers.
Decisions made in larger organizations generally don't have single decision makers, they produce teams to make decisions, or a board and such. These people work off recommendations of other teams, and in the end, they can make decisions that are incredibly stupid and which any one person would be able to look at and say "what the fuck were you people thinking?"
The point here is that a person is generally sane. But a group is generally a mob. Groups behave differently than individuals, and they do so in fundamental ways. Groups can even commit great evils without blinking, so you always have to be careful when dealing with a group, or a corporation.
It's actually quite a widespread thing. I forget where I initially heard it, but nowdays when I suggest it to people, they agree and understand why without me having to explain it, more often than not. :)
:D
If you go to any kind of internet gathering, get everybody there to swap theirs around. Get them to do it at other long distance gatherings. If anybody's watching the data, it will appear that people are moving across the country way more than normal. Completely shoots their data mining to hell too, if you can get enough people involved. So spread the word.
Well now that depends, what if you are going to buy widget X from some store, but this one store that pays attention to you realizes this ahead of time so they put a price on widget X that is 10% lower than everyone elses?
If they can sell that widget for lower than everyone else and think that they'll actually make more profit, then why weren't they doing that before? Why isn't their regular price 10% below everyone else's?
I've seen this argument a fair amount in this thread, and frankly I don't see that customized pricing on the individual level makes any sense. It doesn't allow them to get their profits up any, because people generally don't look for items on a product by product basis. They do comparison shop for larger items, but these are few and far between. For the vast majority of stuff I buy, I buy it at places that have consistently good prices and who have good service.
For online purchases that means fast delivery, low prices, not trying to rape me on shipping costs, and good customer support if I have a problem or need to make a return. Lowest price might get me to try a store once, but it won't keep me coming back. I know lots of stores that I'll never use again because they screwed me on shipping costs on my first purchase.
Personalized prices will make me leave a store and not shop there, period. Because while they might have a good price, I know that they might be simply screwing me when they could sell it lower if I had some kind of different "profile" in their system. No, fuck that. You give me the lowest price you can handle all the time. It doesn't always have to be the lowest in the world for me to buy it from you. I'll pay more for better service.
But I will absolutely not abide you treating me as a "profile" and charging me more than you have to because you think you can get away with it based on what you know about me. That's just exploiting your data collection and trying to screw me over. No thanks.
Exactly my point. They don't care about me as a person, they just want to figure out how to extract more money. No thanks, I'll pass on that one.
Get adblock, only allow cookies to be set by the originating website and use a hosts file that blocks most ad sites and then you won't have to worry about it.
Holy crap that's a lot of work. I simply changed my preferences to "delete cookies at shutdown" and then add sites I want to remember me on a site-by-site basis.
Far, far simpler. Far, far more effective. When I find a new site and decide I want them to remember me, I simply add that new site to the whitelist. No hosts file slowdown (and no need to maintain the hosts file), no need to change any settings which don't work in the long run (what if I visit originating website directly somehow?), no need to use an adblocker (not for that purpose anyway). It's simple, it's low maintainance, it's more effective. What isn't there to like? So it screws up some poorly designed website's privacy-invading user-tracking statistical analysis. Tough shit to them then.
As you said technology to track from website to website and identify a person is unavailable at this point, so your privacy remains intact.
Dunno where I said that. As soon as you make a purchase, he has your information. By placing his banner ads on other websites he can have his cookie sent back to him when you view that ad. Voila, personalized, site-to-site, tracking.
He already has the stuff to do it in place, with just one persistent cookie. So I block them all until I trust that site. Simple.
When I say "know their customers" i dont mean that they know them individually, i mean that they know the general inclinations, trends, etc about their customer base as a whole.
Fair enough, but getting that data doesn't mean that they need to individually enumerate every customer with an individual ID and track their every movement and have the ability to look at what each of them does on a second by second basis.
It's not that they actually *use* that potential. But the potential is there nevertheless. The potential of adding a unique ID, persistent cookie, is going way, way, WAY beyond just "getting aggregate data", even if that does happen to be all they actually use it for.
And honestly, you make almost no differnce to those people if you individually dont want cookies. That doesnt make you any differnt than most privacy advocates who simply like to remain safely anonymous.
Individually, no, but then again, look at the original article that we're debating in the first place. When enough individuals start taking action, they have an impact.
Oh, and it certainly benefits the customer if the business uses that information to change how it stocks or even what it stocks to better serve demand. That lowers costs, which leads to lower prices.
My problem is not in them having aggregate information. My problem is that the way they obtain that information does not agree with the information that they are claiming to obtain. They don't need to track every user of their website from page to page on a persistant basis to know most of the things that you are suggesting. It's overkill, by a huge amount.
Every business in existance wants to do one thing; sell you stuff. If you can't see how tracing someone's path through a website to a purchase may make it easier for them to sell more stuff then you are an idiot. If you can't see how a store wanting it to be easier to sell you stuff is better for you then you are an idiot.
I see those things perfectly clearly. However, unlike yourself, I also see that they probably do not have my best interests in mind when they are trying to "sell me stuff". My best interest is to deny them the ability to more effectively sell me stuff and use my own damn brain to decide what I want to buy, eh?
Knowing if you are the same person is the difference between saying "only 1 out of 3 people ever buy anything" and "People visit our site 3 times before buying something"
Why does he need a cookie to determine that information? Answer: He doesn't. He could base it on IPBlock for that matter. Dynamic IP problems are usually solved by considering it as a netblock instead of on an IP by IP basis. Yes, it fuzzs up the data a bit, but not enough to be unable to say "people visit 3 times before buying anything". I mean, that's a pretty fuzzy statement already.
The point being that despite what he says, he doesn't need to set a cookie to get that infomation. He *does* need a cookie to correlate who I am with what I look at on his site. And I don't want him to have that info. Sorry, but no sale. Without him telling me why he's tracking my views of his site, I cannot know what he's doing. And even then, I'd have to trust what he tells me.
In any case, cookies are being deleted regularly nowadays, so he'll have to stop being so lazy and actually track by IP, which is what he should have done in the first frickin' place instead of gathering way more data than he actually needed and thus invading the privacy of his customers.
If the said company already has your information, why does it matter if they know how often you come to their site, and where you go on the site, and which sites they get click throughs from?
Getting my name and credit card number is trivial. So is getting yours. Anybody could have that, it's mostly freely available information if you're not completely clueless. In other words, that's not information I try overly hard to protect.
Companies collect this information in aggregate, nobody cares about you and the few pages you looked at unless they have data for thousands of other people as well.
I agree, however, do you think they throw this data away after they have their aggregate information? No, because they might want to sort it by some other thing later and draw different info from it.
So all that raw data is lying around somewhere. And if I happen, later down the line, to piss somebody with access to that data off (this is not as much of a long shot as you might think, I piss a lot of people off regularly) then they might go mining that data for info about me to use against me in some fashion.
Now yes, that is a little paranoid... But it's so simple to eliminate that entirely by simply muddying up the data trail that it's a simple cost-benefit thing. It costs me nothing to muddy up the data a bit, and the potential benefit is small, but more than nothing. So QED, might as well do it. It hurts me not in the slightest to do just that.
That isn't assessing risk on a case by case basis, its ASSUMING high risk and contravention and only later opening up.
Assessing risk on a case by case basis would mean you think both +ve and -ve and get to an answer. Saying NO! everytime just indicates that you are either paranoid or work in Microsoft desktop support.
But removing persistent cookies isn't a "NO!" response. A NO! would be blocking cookies entirely. That's my -ve position.
My +ve position is whitelisting, allowing persistent cookies.
But my neutral position is the default one. Allowing persistant cookies, but changing them into session cookies (essentially). This allows all the persistant cookie crap to actually work properly, but doesn't allow the person to track me across sessions. That's the "don't know yet" position. When I have enough info to know, then I either block or allow the site to set cookies.
If they know their customers a little better...
:P
But they don't know me. They will never know me.
"Knowing me" means knowing my name, shaking hands, asking me about things we've discussed in the past. That's being friends with somebody. That's knowing them. That's what your idea of the "clerk who recognizes your face" is about, no? The little guy running the corner market, sort of thing.
Some dude running a website on the opposite side of the country will never know me. At best, he'll know what I've bought from him and other website owners that he shares information with or advertises with. Knowing what I buy doesn't mean he "knows me". It means he's treating me as an impersonal entity to be exploited, somebody to attempt to get more money from. It doesn't mean he's treating me as a fellow human being deserving of respect and friendship.
No, fuck that, I'll remain a stranger to that guy across the country running a website, and I'll know the guy who sells me my fresh fruit down on the corner market, and I'm quite comfortable with that and don't see it as a conflict whatsoever.
Do you insist the security tapes are turned over when you shop at stores?
;-)
:)
/., do you trust the people there with knowledge of what stories interest you?
/. at one point or another, so it's not like there's a lot of information to be gleaned from that one. :P
If I thought it feasible, yes, I would. It's not feasible, so no, I don't.
Do you pay only in cash? Its hard to pay cash online, but presumably you use credit cards. Why do you trust them with your info? Its easy to track where you shop with that.
I trust my credit card company, because hey, it's their money I'm spending. If they decide to be bastards, then I'll just not freakin' pay 'em.
Do you know the people at your bank?
I know that a bank has legal limitations on how it can deal with customer information and I'm comfortable with those limitations.
How about the people at the stores you shop at? Do you not use any of those shopper cards at the grocery store (I don't)? No Costco membership, or library card?
I have a grocery card. It says I'm a 57 year old black woman named "Monica". Or at least it did, I've traded with other people several times. Dunno who's identity I'm shopping with now.
You know, you're logged into
I read nearly every story on
Feel happy in your paranoia, me I just assess risk on a site by site, and business by business basis.
How in the hell is that any different from what I actually said? I delete all cookies, and whitelist the people I trust to not delete their cookies. Is that any different from "assessing risk on a site by site basis"? Once I feel comfortable that he's not going to abuse this info, then I might whitelist him. Until then, why in the hell would I want to give him the capability to track my browsing easily?
I'm sure that you're not suggesting that you buy things from websites that you dont trust....
Why not? Buying things online means, at worst, giving out info from a credit card. If they prove untrustworthy, then I call up the credit card company and reverse the charge. Trust does not have to be involved to engage in a purchase. You buy from people you don't any basis of trust for all the time.
However, WTF would he need to know I came back to his site later? WTF would he need to know that I visited his site several times over a period of a week and eventually purchased something? Why would he need to know what products I looked at each of those times I visited? That information could be used to build up information about me that I might not want him to have. He doesn't have need for that information, and since I don't trust him, I should attempt to deny him the ability to collect that information.
Furthermore, if he's a marketer, he can place his ads on several sites and track me via cookies from site to site. He can see what sites I frequent, he can see my reading habits... once I buy something from a site, he can track that and correlate all this to my identity.
I'm not paranoid, because I don't think anybody is actually doing this sort of thing at the moment. However, the capability is there. I remove cookies to make this sort of thing that much harder to accomplish. Not because I think they are doing it, but because the potential is there for them to do it.
only incidently linked to their contact info because we never correlated the data together ...
Does that still make me evil?
Yep.
If you have the *ability* to do it, then somebody in your organization eventually will decide that it sounds like a good idea.
This is why all my browsing is cookie-free (or rather, cookies being allowed on a whitelist basis and everything else removed on browser shutdown). I don't want you to have that ability to track what I do on your site for very long. Regardless of whether you use that ability or not, I don't trust you to behave properly with that information. Why should I? I don't know you.