EU's Cookie Law Should Crumble
from the not-a-good-situation dept
A bunch of folks have been sending in versions of this story about new EU cookie rules that will require anyone placing cookies on your computer to first get consent. This is the sort of law that is passed by people who don't understand the technology at all, and misinterpret "cookies" as automatically being malicious. This is the sort of thing that people who were first understanding the web got concerned about a decade ago, until they realized it was nothing to worry about. Except... it appears some people haven't quite figured that out yet, and tragically, they make laws in the EU.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Oddly familiar
[ link to this | view in chronology ]
Question...
Or are you Europeans too busy drinking wine, eating cheese, and trying to figure out how the fuck the EU got to be the Fourth Reich to do that kind of thing?
;)
[ link to this | view in chronology ]
Re: Question...
[ link to this | view in chronology ]
Re: Re: Question...
[ link to this | view in chronology ]
Re: Re: Question...
I'm sure there is. If it isn't strictly about network security, I'm kind of a technotard. I know a little about everything, and a lot about nothing.
Hell, I'm right now trying to figure out how to turn my amatuerish PDF eBook into a torrent file and get you fuckers reading it ;)
See? If I was one of those viscious raporist pirates, I'm sure I'd already know how to do that!
[ link to this | view in chronology ]
Re: Question...
[ link to this | view in chronology ]
Re: Question...
... Big Ole Grin
[ link to this | view in chronology ]
Governments... meddle.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Multisite tracking cookies do bother me. They don't announce themselves. They just track. I don't know what the proper remedy is. I am not claiming the regulation is the answer. Just saying I am bothered by them. I would estimate more would be bothered if they understood, but they don't.
Yes, there are tools to remedy the problem, but only the tech savvy know about them. I can't imagine the time it would take me to get my mom up to speed. It would be impossible.
I recommend TACO and BetterPrivacy firefox extensions. TACO will automatically setup opt-out cookie values for the famous tracking companies. BetterPrivacy will delete flash cookies (or cookie equivalents) upon browser close. Up until two months ago, I didn't even know about the existence of flash cookies.
[ link to this | view in chronology ]
Automatic Cookie Acceptance Mode
[ link to this | view in chronology ]
Re: Automatic Cookie Acceptance Mode
[ link to this | view in chronology ]
There is the normal cookie that nobody cares about and that can be easily deleted or viewed by anyone and there is the super-cookies like flash cookies that few know about it or the new standard DOM storage.
DOM Storage can be used to store large amounts of information that can then be upload to somewhere like the Halfnote app does.
https://developer.mozilla.org/en/DOM/Storage
It is starting to get a bit scary indeed.
The Flash cookies can store information too and can be controlled by a flash application that can record and store things. Is that not a bit scary?
[ link to this | view in chronology ]
so Your to rely on the ignorance and apathy of the general population to ignore security: "out of sight out of mind as it were!"
and re-enforces all the old law we already had availanle to protect our personal data streams and our personal copyrights....
theres a twist, using copyright for the protection of the people.... Not the Corporations.
think about it.
https://nodpi.org/2009/11/05/eu-telecoms-package-bad-news-for-advertisers/
"...
Personally I don’t see this as a bad thing because people need to be more aware of what data they are giving away and what it is being used for – so I am all for a little bit of inconvenience or annoyance to educate the general public on privacy. But many people will be annoyed about it.
However, on the positive side – this also means that tracking cookies (which are used by a countless number of advertising networks and behavioural profiling companies) and Local Stored Objects (LSO or Flash Cookies) – will now also have to present users with a clear explanation as to what they are, what they collect and what they will be used for.
As we saw in a recent research paper over 60% of consumers in the US do not want Behavioural Advertising so it is reasonable to assume the same would most probably apply with EU countries as well – in fact we may well see even more people opposed to it in EU states given the last couple of years of campaigning on the subject by privacy advocates (such as the members of this web site) meaning it is very much an issue which is in the public focus.
This is exactly what companies like Phorm and Audience Science did not want to happen – Opt-Out meant they could rely on the ignorance and apathy of the general population not to bother with opting out meaning they would capture a large percentage of the market without the consumers even knowing what was going on.
Now however, not only must they get permission from people (opt-in) but they also must give truthful and accurate information to consumers as to what they are doing – which is far more likely to illicit a reaction of NOT opting in as people do not want to be tracked.
This is going to hit the bottom lines of these companies very hard indeed and it is likely (in my opinion) that their revenues are in for a dramatic decline. I would be suprised if they can capture even 30% of the market with the new regulations – a long way from the current 90+% they probably have under Opt-Out models.
The changes would also make it illegal for companies to reset traditional cookies or gather behavioural information with Flash Cookies (LSO) without consent – which has become a new trend as advertisers realised they could bypass countermeasures which led to the deletion of their tracking cookies from users machines (such as deleting cookies when a browser is closed or only allowing session cookies – which are popular features of modern browsers and plugins).
Of course, as always – the devil is in the details. We need to keep pushing parliamentarians to make sure that this is added to UK law in an appropriate way.
....
"
[ link to this | view in chronology ]
Re: so Your to rely on the ignorance and apathy of the general population to ignore security: "out of sight out of mind as it were!"
The fundamental problem with this, is the majority of people don't want to be constantly bombarded with messages to allow or deny. This is one reason why so many people hated Vista's UAC.
Now, one way I could see that they could implement this, is only if it covers cookies not placed by the original domain. So if you go to example.com that site can place any cookies, but if an ad on that site from advertising.com it would request permission for it.
I still think this is a bad idea. The more security popups we get the less time we will take to read them until you just blindly click yes. Then we are no better than we were before except getting ticked off anytime the stupid popup comes up.
If you are worried about this, learn enough to be able properly use your browser. Whether you are making use of the features of the browser itself, or adding additional features with addons/plugins.
[ link to this | view in chronology ]
You all seem to have not understood the issue
Pinsent Masons (who are Out-Law.Com) represent some of the largest organisations in the UK from this industry so naturally their viewpoint is going to attempt to shroud the public from the real interpretation of the ammendments in order to make noise for their clients.
As was discussed last week at the BEUC 2009 Forums - the Telecoms Reform Package makes it very clear that the use of cookies which are needed to make the site function (such as login cookies, session cookies, shopping carts cookies etc.) will not require consent. Therefore the only cookies which will be effected by the regulations are 3rd party tracking cookies, marketing cookies etc. and is it a good thing that they should require Opt-In? Damn right it is.
Furthermore, there is no reason for these to acquire consent every single time as a single control setting could be provided to the user for persistent consent.
But more importantly, the ammendments are not just about cookies. They also protect the consumer from LSOs (Local Stored Objects aka Flash or Silverlight Cookies) which are being used more frequently to track consumers and even to respawn traditional cookies which users have deleted (which is so unethical it goes beyonds words). Also this new law will make drive-by adware/nagware/malware which are installed via active x controls and browser technologies - illegal without consent. It also expands even further in that it would outlaw the use of javascript to access a consumers browsing history.
It is interesting to see that Out-Law claim this ammendment was slipped in through the back door and no-one knew about it...utter rubbish. I was speaking to someone from the EU Parliament on Friday and they assured me that the 5(3) Ammendments were very strongly lobbied against by industry.
Message of the day? Actually do some research instead o just believing what you read on Out-Law.Com and you might develop a better understanding of the issues being debated.
Alexander Hanff
[ link to this | view in chronology ]
i miss the point
Good for the EU.
[ link to this | view in chronology ]
Cookies
http://www.maxa-tools.com
[ link to this | view in chronology ]
Deleting cookies and Killing Flash speeds up my PC
But I have to reinstall Linux to Kill Flashplayer.
But Linux reinstalls faster than Windows boots!
And I only have to do that when it slows down or
if I misspell my favorite websites
(and end up on everyone else's favorite websites).
But right now I'm pissed because Flashplayer installs
without permission even when its blocked, on any popular browser,
so I have to use open source ones with the Flash hacked out.
Flash LSO cookies have ROOTKITS in them,
and that means they let other people hack in and remote control
your computer!!! --- And STEAL stuff using your passwords too!
And spam your friends using your email.
Maybe I should move to Europe? :)
Where everyone knows more about computers than
the people who invented them forgot!
Web cookies are as yummy as a poop sandwich!
Social Network websites have more poop cookies than a dairy barn!!!
[ link to this | view in chronology ]