Wedge

The argument is that a plugin should be created similar to the one in SMF by Emanuele, except that it's a bit different as it's not possible to modify core behaviour like that with a plugin, meaning we pretty much have to do it in the core - though we can leave it disabled by default.

it is all about stupid people who don't understand how the internet (or computers, in general) work.
Someone said "this site puts a cookie on my machine that stores my frequently used info for that site"
they heard "ZOMG, they are invading our privacy!"

I will not be implementing the SMF version of this, regardless of what the US does...If they feel like coming after me, I'll take them to court over it (and I'll win, guaranteed)

It might surprise you to know that not everybody is as computer-literate or internet-savvy as you may be but that certainly doesn't make them stupid.

When I read posts such as yours, I really do wonder if those who are opposed to laws to protect privacy aren't putting their personal prejudices and bank balances before their site users' rights to privacy - and, incidentally, your own right to privacy since I'm quite certain you visit web sites that you don't own or control.Words are cheap and it's easy to say when there is no legislation in place. But will you be quite so gung-ho about this issue when (not if) similar laws are enacted in the US? If you really have deeper pockets than a Federal Prosecutor, then perhaps you should donate some of your cash to the US Government to reduce the trillions of dollars of debt :P

I think most of the people arguing in this thread don't actually understand what the wording of the laws involved actually are.

The point, amongst other things, is for you to look at what your site is doing and make a judgement about it. The session cookie is 'probably' OK. cookies for other things like the upshrink are also 'probably' OK because you can make a reasonable defence about those, even though it's pretty tenuous and against the letter of the law.

The thing is, I'd argue that at least doing the review of what cookies is involved is not only a good practice, it means you can show accountability for what your site is doing. It's good practice, it's also taken responsibility for what your site is doing. Is that, at least, not a good thing to do?

Or are you also of the school of thought that what your site is doing is not actually your problem?

Yup and you can deploy as many first and third-party cookies as you want provided you inform the user what they are, their use and get his/her permission first.

I've had our implementation in place for over a month and there's been no adverse affect on visitor numbers. In fact, our membership is increasing at a faster rate since deployment[1] and I have received several messages thanking us for our concern about our users' rights to privacy.

I agree completely about the need to conduct a cookie survey as site owners need to identify the source and usage of every cookie likely to be served.

If you have Adsense-served advertisements on your site, you may not realise this but there are circumstances where Adsense will serve four (or sometimes five) cookies into your site's folder in the user's Browser cache. One scenario guaranteed to cause this is if the user clicks on the small icon in the top-right corner of an advertisement - this opens a new page to allow the individual setting of Adsense options. From memory, they all have the prefix "GoogleAdsense" followed by "__utma" (etc) and have the same persistency as their Analytics counterparts. Adsense also serves other cookies which are stored in the Google folder including "rememberme".

1.	I can't state categorically that our Cookie Law provisions are solely responsible and recognise there may be other valid reasons for that.

Oh, I am with you on that, Arantor...   it is always good practice to review and to be aware of what your site is actually doing (of course, most people wouldn't understand the explanation/description after doing the review)

I agree that having a statement like "This site uses cookies" is not a bad idea... and my user agreement usually includes a line like that.

However (and to address markham's point) "requiring" this crap because of some illusion that this involves privacy in any way shape or form is complete BS.

To address his other points...  yes, these people are stupid. It has very little to do with their knowledge of how the internet works. They would be stupid, even if they did understand it... the fact that stupid people get to make such stupid laws just emphasizes the point.
And nope... deep pockets has nothing to do with it. There are plenty of groups and lawyers who would defend this sort of case and include a class-action suit against the government in the deal.

There are certain idiotic laws that have been put in place and are only there because people are too lazy (or have been idiotically convinced that this is for "their protection". Homeland security is one of them. Seat belt laws are another... the list goes on....   with this one added right at the top.

You know me, I'm the first to think ill of users :P But I dispute the validity of 'stupidity'. It is not stupidity, it is a lack of education on the subject. I would argue that it is the user's responsibility to understand some of what their computer is doing, much as I would imagine any driver should be aware of really common faults and things that shouldn't be the case on a car, even if they can't strip the engine and rebuild it themselves. THAT, I will argue, is stupid.

That at least is the way I see it for regular users. They do not take responsibility for the way things work that they have control over; those who care already did something about this.

Now, lawmakers. I don't have a lot of faith in lawmakers as far as legislating the internet goes. I don't have much faith in this law for example, other than the fact that it directly affects me to have to deal with it. It is because these people do not understand how the internet works and assume that 1) it is a single united entity and 2) laws can be applied equally everywhere. Of course neither of these are true, and the lawmakers end up screwing something up even if it is with the very best of intentions behind the law.

This law, however ill-implemented it may be, is designed to protect user privacy. DNT and similar measures also put user privacy at the front, though are implemented by people who at least understand some of how the systems work, but even DNT and ilk are flawed because again they put the onus on the developer/site owner.

I'm fully of the belief that there are stupid laws. Most of what comes out of the DHS seems to be flawed, especially with the likes of the TSA... the effectiveness of the measures of actually detecting anything contraband aside, it's guaranteeing that the terrorists win, because now the terrorists do not actually have to do anything and yet everyone is running around on alert and implementing all these measures, which will never be tripped; it's all shutting the gate after the horse has bolted.

Getting down to the point about informing users, informing users is a good thing however you slice it. You're taking responsibility for your end of the bargain, it's not your problem whether users don't bother to read such things. That's one of the flaws with this law is that it's educating users to just click yes, just like Vista/UAC did. You can lead a horse to water, etc.

But if users have access to that information - something not widely normally available - they can make a decision whether to accept cookies or not, or even set up some exclusion rules should they so desire. It's giving the choice and responsibility to the user. You can't make them take that responsibility. But I believe you have to give them the tools to do so - and without laws like this (or, hopefully, better thought out ones), there will never be any reason for site owners to be accountable other than what they 'feel' is right.

This law wasn't created out of a whim. Bureaucrats didn't have a brainstorming session and suddenly decide to legislate about the deployment of cookies. This law originated in Denmark, a country whose citizens are very protective of their privacy and who were (rightly) concerned about the power certain internet companies had acquired through tracking users' movements around the internet and selling that information. That'd be the likes of Google, Microsoft, Facebook et al.

Admittedly the implementation of that law is not ideal in that it - and DNT - place the responsibility for compliance with the site owners. It would have been far better to have made it a requirement of the browser (as DNT will be) but they would have faced certain difficulties there: of all the browsers in common use, only one originates from within the EU, Opera. As requiring browser producers to incorporate it wasn't a realistic option, they went for the next best thing.So everyone, in your eyes, is stupid? That's a rather arrogant and patronising statement to make about people who visit my sites, your sites and everyone else's sites. Are they stupid because they want to retain one of their few remaining rights, that of privacy? Or perhaps they're stupid to browse the internet when they could go to a public library to get information and do their shopping in real shops rather than online. Or do you just have a low opinion about everyone else?

Oh come on... You should know Pete by now... He's not like that :P

For once that wasn't about me! :lol: That was in reply to Kindred, who it seems is even more cynical and weary of humanity than I am, which takes some doing.

Stupidity = lack of intelligence, but the problem isn't a lack of intelligence, it's a lack of knowledge and people taking responsibility, and people being given the tools to be able to take responsibility without having to become experts in the subject.

actually, Nao...  I think that was directed at me. :niark:


and markham...   yes, I generally think that most of humankind is indeed, incredibly stupid.
And yes, I am arrogant and even patronizing, at times. (just ask Nao and Arantor and, well, heck anyone who knows me)


As for their "right to privacy"  PSHAW. This law has absolutely nothing to do with privacy. It really doesn't. It, like the stupid Homeland security stuff, has to do with people's PERCEPTION of a protection of privacy. And that right is regularly abridged and removed by the government(s). The governments just want to give everyone the perception that they are protecting Joe Public from the big bad internets, all the while quietly doing everything they can to violate those rules themselves.

And yup... I have an incredibly low opinion of humanity.
persons (individuals) are OK and sometimes even intelligent.
people, as a group, are stupid, unintelligent and easily led.


and yup, Arantor... I'm older than you... I've had more years to build up my cynicism storage tanks.

Then I WAS right ahah. Pete ain't like that :P

Yes, in fact I will. A law like this does nothing but hold society back. Ignoring it sounds good, fighting it sounds better.

-sigh- Then nothing I've said has been worth the effort of thinking about it.