Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

EU May Outlaw Cookies

timothy posted about 13 years ago | from the use-tasty-apples-instead dept.

The Courts 287

Millennium writes: "According to Yahoo News, The European Commission is considering a privacy directive which, among other things, completely bans the use of cookies. Forgive me for saying so, but considering all the legitimate uses of cookies, isn't banning them outright going just a bit too far?" Update: 10/31 19:21 GMT by M : The submitter's write-up is wrong. Read the story. Keep in mind, as usual, that a "news" story whose sole source is an executive with an agenda to push is unlikely to portray the situation accurately.

Sorry! There are no comments related to the filter you selected.

this site sucks (-1, Flamebait)

Anonymous Coward | about 13 years ago | (#2503568)

it goes down more often than taco's mother on a dick.

maybe not but... (1)

esoteric0 (105786) | about 13 years ago | (#2503569)

at least some places are taking a serious interest in privacy.

Re:maybe not but... (1)

Bobo the Space Chimp (304349) | about 13 years ago | (#2503714)

I say we ban the EU Federal Government instead.

FT (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2503570)

First toast [drtoast.com]

Who was saying they're fp god??

-DFW

Slashdot crashes again.... (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2503572)

Good to see /. back up after a crash....

cookies (1)

ZaneMcAuley (266747) | about 13 years ago | (#2503573)

Well then that would break my Yahell Mail sign in, Slashdot signin, hotmail sign in. What would work without session cookies?

Sure, block illegitimate use of cookies. What other mechanisms do we have? Passport?Does passport use cookies too?

Re:cookies (-1)

Guns n' Roses Troll (207208) | about 13 years ago | (#2503615)

I feed your mom cookies as I do her on all fours.

HAHA! ZING!

Re:cookies (1, Informative)

VA Software (533136) | about 13 years ago | (#2503668)

Does passport use cookies too?

Yes it does.

See, for example, KB article Q299495 [microsoft.com]

Browser... (1, Redundant)

arson1 (527855) | about 13 years ago | (#2503575)

Since just about every major browser allows you to accept/deny/view/modify/delete coolies... what's the big deal? Banning X10 ads... now that's something worth considering.

Re:Browser... (2)

darkonc (47285) | about 13 years ago | (#2503729)

Unfortunately, when you set netscape (4) to ban all cookies, it removes the cookie file so when you get to a site where you want to use cookies, you have nothing to send.

On the other hand, if you have cookie notification set, then some sites have so many cookies that you spend 15 minutes clicking on cancel before you can get around to seeing the page (or even hitting the 'stop' button.)

I think that it may be appropriate to make it illegal to use cookies other than associated with a user making an explicit choice/setting (like cliking on a purchace, or chosing to save password settings, etc.). That's what cookies were originally designed for.

This would, at least, get rid of all those cookies associated with images, etc. that get sent by various add sites. That, I think, is what they are really trying to ban.

not banned outright (5, Informative)

brlewis (214632) | about 13 years ago | (#2503577)

"Banning them outright?" Read the article before you post the article:
The existence of such a technology, the amendment states, ''may seriously intrude on the privacy of these users. The use of such devices should therefore be prohibited unless the explicit, well-informed and freely given consent of the users concerned has been obtained.''

Re:not banned outright (3, Interesting)

macdaddy (38372) | about 13 years ago | (#2503695)

"The existence of such a technology, the amendment states, ''may seriously intrude on the privacy of these users..."

Then again binoculars and small video cameras 'may seriously intrude on the privacy...' of European people too. Are they going after things of that nature as well?

Re:not banned outright (1)

Bobo the Space Chimp (304349) | about 13 years ago | (#2503744)

> Then again...small video cameras may seriously
> intrude on the privacy...' of European people too.
> Are they going after things of that nature as well?

God, I hope not! The omnipresent pole cameras in Europe provide my weekly entertainment on Max X [maximumexp.com] .

n

Re:not banned outright (0)

Anonymous Coward | about 13 years ago | (#2503747)

Only if you stick one of those video cameras in someone's house without asking, which is really what the equivalent of nearly all cookie use is, anyway.

Whats wrong? (-1)

Guns n' Roses Troll (207208) | about 13 years ago | (#2503580)

What happened to the front page? It looks like it's in minimal mode or something

But I like cookies! (1)

smasch (77993) | about 13 years ago | (#2503581)

But I like cookies... especially the chocolate chip ones! :-)

Seriously though, if you really don't like cookies, you can disable them through almost any (if not every) browser. The only problem is that some sites require them in order to use the site. Can you log in to Slashdot without cookies? I haven't tried, but I'm pretty sure you can't. And if you could, you would have to log in again every time you start your browser.

Re:But I like cookies! (1)

ZaneMcAuley (266747) | about 13 years ago | (#2503595)

my solution to that is clear the cookie cache. Log in, then BLOCK every cookie under P3 settings in the browser and u can still login until the cookie expires ;D the repeat ;D

Banning Cookies (1)

Renraku (518261) | about 13 years ago | (#2503584)

Banning cookies would be lame. Instead, they should make websites now with two methods of data tracking. Something like cookies, and something else. Now-a-days, if you don't have cookies turned on, you can't do many things. This is just wrong. Its like telling people if they don't allow a camera crew to follow them around, they can't shop/use cars/live normally.

Re:Banning Cookies (0)

Anonymous Coward | about 13 years ago | (#2503703)

Its like telling people if they don't allow a camera crew to follow them around, they can't shop/use cars/live normally.

Actually .. In not such a direct manner, this is how life is. How many stores do you go into that have surveillance cameras? The web sites are similar: private sites can do what they want, but too much intrusion and customers may not stick around.

Re:Banning Cookies (1)

Havokmon (89874) | about 13 years ago | (#2503707)

Something else.. hmmmm.. .NET!

No flames please, isn't that what the damn thing's for?

Oh wait.. Linux-friendly post:
Something else.. hmmmm.. Mono!
(Isn't that what you got in High School?)

How about going over the ups and downs of cookies? (1)

Courageous (228506) | about 13 years ago | (#2503586)


How about revisiting the issue of cookies and listing the various ways they can be properly used as well as abused? I'm personally not really up on cookies; I know that's ignorant, but it's true. I can't be the only cookie dummy on slashdot. :)

C//

Re:How about going over the ups and downs of cooki (1)

jazman_777 (44742) | about 13 years ago | (#2503641)

How about revisiting the issue of cookies and listing the various ways they can be properly used as well as abused? I'm personally not really up on cookies; I know that's ignorant, but it's true. I can't be the only cookie dummy on slashdot.


The only thing I can recall from earlier threads is that they're evil. I can't for the life of me tell you why they are evil--maybe because Doubleclick placed a cookie, and Doubleclick is the Internet Hitler, at least, or maybe a terrorist group trying to track me. But I've been blocking them fanactically ever since! Except for Slashdot's cookie, of course.

a comment / minute (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2503587)

In slashdot there's a comment every minute.

Please mod this post up. Points +1 Funny.

I'm fucking funny.

isn't banning them outright... (0, Offtopic)

lyapunov (241045) | about 13 years ago | (#2503588)

nay, tasty though they may be, the side effects of tooth decay and obesity far outweigh any legitimate use they may have...

Re:isn't banning them outright... (-1)

Guns n' Roses Troll (207208) | about 13 years ago | (#2503645)

A black guy should Eff you in the Ay with his huge Cee and stuff his applebag in your hole.

Opie and Anthony rule.

Privacy Paranoia (3, Insightful)

Argyle (25623) | about 13 years ago | (#2503589)

All modern browsers allow users to turn off cookies completely.

People all ready have the choice.

You can't legislate stupidity out of life...

Re:Privacy Paranoia (1)

Staciebeth (40574) | about 13 years ago | (#2503654)

Yes, but a lot of sites simply won't work without cookies. You could argue that this is due to poor design (and you'd be right) and you could argue that if a company can't be bothered to make its site accessible to the non-cookied why bother going there (and you'd have a good point) but sometimes one just doesn't want to be bothered to log in ALL the time on a site one goes to everyday, or sometimes one just wants to buy cheap airline tickets online...

uncalled for but (0)

Rai (524476) | about 13 years ago | (#2503590)

nice to see them at least considering user's privacy (it that is their intent.)

Enforcement Nightmare!(tm) (2, Insightful)

hlprmnky (107200) | about 13 years ago | (#2503591)

I like the EU legislating content and practices on the Internet no more than I like the US doing the same. That which I tell you three times is true:

Education is the key, not legislation.
*Education* is the key, *not* legislation.
EDUCATION IS THE KEY, NOT LEGISLATION!

Thank you, and goodnight.

Re:Enforcement Nightmare!(tm) (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2503723)


Yeah, after all, it worked when trying to prevent the spread of AIDS 20 years ago...

Re:Enforcement Nightmare!(tm) (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2503766)

Yeah, after all, it worked when trying to prevent the spread of AIDS 20 years ago...

Yeah, you're right: we should legislate sex and require permission by the government before people can engage in sex.

Cookies (3, Funny)

utdpenguin (413984) | about 13 years ago | (#2503592)

Cookie monster will be SO disapointed!!!


And I hate to disapoint a monster. It's dangerous


You tell him . .. .

the wrong solution for the wrong problem (4, Interesting)

fetta (141344) | about 13 years ago | (#2503594)

The EU appears headed toward a classic error - they haven't defined the problem correctly. Instead of asking "how can we protect the privacy of our citizens" they asked "how can we prevent organizations from using this specific technology to invade our citizens privacy."

Whoever proposed this absolute ban on cookies clearly has never done any kind of web development. Sheesh.

Re:the wrong solution for the wrong problem (2)

debrain (29228) | about 13 years ago | (#2503728)

Clearly?

I'm not so sure. Given that those organizations prone to using cookies are prone to keeping track of your personal information (msft,banks,insurance,advertisers,etc) to profitable ends, perhaps the EU really does understand the problem, and will force corporations to find an alternative solution.

Mind you, with luck, that solution will be free certificates (as opposed to verisign et al. certs), so that cookies are no longer necessary to identify a user. Mind you, certificates will provide another point of failure in the identification schema. What we need is an certified anonymous user with the browser, but I doubt corporations sponsoring certification will go for that.

The inherent problem with certificate idenfification is that most browsers now just send it implicitly, without asking you if you actually want to be identified to this system. (This is similar to NT/lanman hacks that give you the NT password of everyone who connects to your web in a nice, easilly decryptable form.)

The problem of privacy is that it fights against personalization of the internet. Corporations will fight for personalization since personalization provides avenues of revenue and control. Cookies are a method of personalization. Banning them may not be the wosrt thing in the world; certificates could be worse (or much better, if done properly :/ ), or the alternative.

Mind you, banning cookies somewhat stifles all existing infrastructure on the internet and attacks what should be a harmless technology of properties.

Re:the wrong solution for the wrong problem (0)

Wouter Van Hemel (411877) | about 13 years ago | (#2503764)

I agree with you, but it's nice to see something done PRO privacy and users instead of the usual CON these days...

Got Milk? (0, Offtopic)

Alsee (515537) | about 13 years ago | (#2503596)

Cookies and donuts [slashdot.org] .

In the UK at least... (2, Funny)

ocie (6659) | about 13 years ago | (#2503597)

They don't really call them cookies, I think the call them biscuits :)

Re:In the UK at least... (1)

silphium_laciniatum (220816) | about 13 years ago | (#2503659)

i installed sesame street speak and spell on my computer. now this big blue monster won't leave me alone.

COOKIES!! Mgrorph grumph argrumph yum yum yum

Banning them outright is silly ... (0)

Anonymous Coward | about 13 years ago | (#2503600)

I can see regulating them, but I can't see outlawing them entirely. On-line banking, for example, is an example of cookies that I can understand need to be in place.

Wether or not the "Interactive Advertising Bureau" is going to lose some money from that is something I could care less about.

The problem with HTTP, being connectionless and stateless, cookies are a hack that was added to get around the failings in the protocol. People have (ab)used it to track site visitors in a slightly more obnoxious way though, and *that* is probably why the EU is looking at this at all.

Even session cookies? (4, Insightful)

ccarr.com (262540) | about 13 years ago | (#2503601)

I can see banning long-duration cookies, but e commerse would collapse without the session cookie, or something functionally eqivelant. A better rule would be to require browser makers to provide better granularity in cookie preferences, and to make the settings more conspicuous.

Outlawing Cookies (5, Insightful)

BoyPlankton (93817) | about 13 years ago | (#2503604)

While I realize their security concerns, in my opinion the problem isn't with the cookies. The bigger security concern, is really with web bugs. The rest of the stuff that the EU seems to be concerned about really is data that could be generated by analyzing web server logs. The problem is with sites that monitor people across multiple domains.

Re:Outlawing Cookies (1, Funny)

Scott Lockwood (218839) | about 13 years ago | (#2503632)

And more importantly, does this mean that we will see the cookie monster joining Bert alongside Bin Ladin now?

they don't know the user can disable 'em? (1, Redundant)

kisrael (134664) | about 13 years ago | (#2503606)

But the sticky point about cookies is that they often store data without a users' explicit approval. The Commission has been debating whether individuals should have the last word (lawmakers call this the ``opt in'' method) on what bits of personal information are collected on them while online.

Jeez. We already have that. Almost every browser in the world offers the ability to decline all cookies. It may make using any dynamic website an impossible task, but the Commission's inability to realize that this option is already there speaks to their poor understanding of the technology.

Re:they don't know the user can disable 'em? (1)

Dariuss (469123) | about 13 years ago | (#2503660)

Could you imagine having to pass every variable you need and not being able to use session or client side vars? Users can turn them off, but what percentage of internet sites will work if you have cookies turned off?

As a user you have to give up some privacy in order to achive productivity, someone just needs to design a better mechanism than cookies or one that only allows the storage of session information.

Re:they don't know the user can disable 'em? (0)

Anonymous Coward | about 13 years ago | (#2503735)

Could you imagine having to pass every variable you need and not being able to use session or client side vars?

The solution is to store a session ID string, and pass that string to every page. The session ID can be used as the key for a hash table, and the value is an object with all the variables you need. It's easy enough to do (at least in perl and python), and lots of sites do it. You can pass it along as a hidden form element, or in the URL itself (see amazon.com for an example of this).

It takes a little more effort than cookies, but then you don't have to worry about users with cookies disabled.

Re:they don't know the user can disable 'em? (0)

Anonymous Coward | about 13 years ago | (#2503698)

You already know "what bits of personal information are collected on you while online"? Me not thinks so.

They should outlaw pencils and paper, too (3, Interesting)

nate.sammons (22484) | about 13 years ago | (#2503607)

I mean, I could write some personal infomation
on that paper and slip it under your mousepad.
Then, later, I could update that piece of paper
with new information.

What's good about this:

- Someone, somewhere is taking privacy
seriously.

What's bad about this:

- It demonstrates a fundamental lack of
understanding about the modern world.

Overall, I say it's good. They are *thinking*
about privacy, which is more than the US
Government is doing (aside from thinking about

how to get rid of privacy).

-nate

Leave it up to the (0)

Anonymous Coward | about 13 years ago | (#2503608)

European officials to do their best to protect their population from all evil..... whatever....

Yeah! Ban the cookies! (3, Funny)

mfarah (231411) | about 13 years ago | (#2503611)

... and, while we're at it, ban the cakes, too. And the spanish cocas. And all kinds of biscuits. And pretzels, too, just in case. It's easier to forbid the food that's Bad For You than to pass a directive requiring all european citizens to go on a diet.

I just can't help buy wonder what will Cookie Monster say about this: "When cookies are outlawed, only outlaws will have delicious meals", or something like that.

Oh, you mean software cookies? Oh...

But think about the children (5, Funny)

loraksus (171574) | about 13 years ago | (#2503612)

What will we do when cookie monster is removed from the cast of Sesamee Street?

Ut-oh (2, Funny)

MentlFlos (7345) | about 13 years ago | (#2503613)

The girlscouts are gunna be pissed!

(yes, it was a joke)
-paul

Reasonable use policy? (1)

3seas (184403) | about 13 years ago | (#2503614)

What is really needed is a reasonable use policy or such that limits cookies in how they are used.
The initial/original idea of using cookies was pretty much for productive things. But the use of cookies in ways it was not intended have evoloved.

Perhaps this news item can be a good place to argure what is acceptable and what is not. And that these responces may then be forwarded to the EU.

USA Gaming site (1)

diadem (464192) | about 13 years ago | (#2503616)

I run WestHartford.net [westhartford.net] which is basicly a gaming site quite similar to slashdot. I have something called message forums. These "message forums" use cookies to keep a user "logged on." Does that mean I'm going to get sued? Is keeping a user "logged on" a violation of privacy? Also, what can they do about it since I'm in an other country?

Please check the time/date of this post before marking as redundant

Accept/Deny Cookies are good (2, Interesting)

barnaclebarnes (85340) | about 13 years ago | (#2503619)

The Accept/Deny/Only this time cookie management idea that is turned on by default in Konquor is great (and an option in Mozilla). Once you have got through the first couple of weeks accepting cookies from the sites you trust/like and rejecting all the doubleclick and other ad site cookies you only have to accept/deny cookies every few days (depending on your surfing habits).

Giving or accepting cookies unlawful? (1)

imrdkl (302224) | about 13 years ago | (#2503620)

Its not clear whether they wish to outlaw servers' giving a cookie to a client, or client's acceptance of them. Perhaps both.

Dont they have enough on their minds with the Euro coming out in 2 months?

They just want cookie confirmation? (5, Informative)

Fastolfe (1470) | about 13 years ago | (#2503631)

It sounds like all they want is a method to have the user explicitely agree to accept a cookie whenever one's proposed. Many (most?) browsers already support that functionality. Maybe browsers just need to ship with that defaulted to "on" for EU countries. I don't really understand why they're making such a fuss.

To be honest, I think they're going about this thing entirely the wrong way. Don't attack a technology because it has the *ability* to do something you don't like. Attack those that are abusing the technology. In this case, full and proper support for the W3C's P3P initiative looks like it addresses all of the privacy concerns that go with cookies. Maybe they should be looking at this instead.

One thing Microsoft has done right recently is P3P support in IE6, and setting the browser to default itself to what I would consider a reasonable setting out of the box, which automatically blocks a significant number of 3rd-party cookies. I love seeing this in action.

Blocking cookies (1)

ZaneMcAuley (266747) | about 13 years ago | (#2503633)

How would the EU block them? at the ISP level?

Re:Blocking cookies (2)

night_flyer (453866) | about 13 years ago | (#2503686)

Im guessing the wont "block" them but make them illegal to use, so the offending party who planbts a cookie will be punished via a fine or some such nonsence...

Re:Blocking cookies (1)

ZaneMcAuley (266747) | about 13 years ago | (#2503704)

Ok, so how can this be done in reality, i mean is everybody gonna ring the cops everytime they see a cookie. Surely this is unrealistic.

And in other news (1)

blair1q (305137) | about 13 years ago | (#2503634)


On Tuesday the EC voted to make the value of Pi equal to 3.

This will simplify the design of capstans for cash registers in Belgian butter stores, while causing a tolerable 400% increase in the paperwork required to calculate the orbits of communications satellites when requesting permission to use public-owned gravity generated by EC member states.

Re:And in other news (0)

VA Software (533136) | about 13 years ago | (#2503722)

Actually it was the state of Indiana [cs.unb.ca]

Why is privacy so desirable? (2, Interesting)

Gray (5042) | about 13 years ago | (#2503637)

I don't understand the motivations..

If you have something to hide, the problem is not with people fiding out, it is with the reason you desire to hide it.

Privacy solves nothing, it just allows people to ignore problems.

Besides, technology will eventually make all of this moot. Dust sized video camera stuck to everything, only way to avoid that is a really trustworthy police state, and that sounds just *so* much better..

cookies uses (2)

night_flyer (453866) | about 13 years ago | (#2503642)

its quite amazing how poor a rap that cookies have gotten, there are tons of usefull ways to uses them, we use them all the time to store variables that can be passed from page to page, we also use them to allow access to certain areas as determined by data contained within.

my only real gripe with them is they just seem to take up room after a while...

Let's no throw the baby out with the bathwater... (3, Insightful)

closedpegasus (212610) | about 13 years ago | (#2503643)

Yes, cookies can be used to track browsing habits of users.

But don't I, as a website administrator, have a right to know the usage patterns of my users? If I set up a lemonade stand on the side of the street, I know exactly who comes to my store, how many times they come back, and if I'm smart enough, I can use this information to my advantage to sell more lemonade (e.g., I know that Tom buys lemonade on his lunch break at 12:15 everyday, so I better be open then). Why should online business be put at a huge disadvantage? Cookies are a great tool for maintaining a state over a stateless protocol, and differentiating one users "session" from another.

And also, a great deal of code to keep people "logged in" to web sites uses cookies to maintain state. Without cookies, web sites are forced to use the IP address as the unique identifier to distinguish between two users. What about proxy servers and firewalls? DHCP and dynamic IPs? Maintaining state over HTTP would be a nightmare without cookies.

The only problem comes up when cookies are used across different sites, or one company sells your browsing habits to another without your consent. But by browsing a site, you are implicitly giving that site the permission to see what you are doing.

Re:Let's no throw the baby out with the bathwater. (1)

91degrees (207121) | about 13 years ago | (#2503683)

If I set up a lemonade stand on the side of the street, I
know exactly who comes to my store, how many times they come back, and if I'm smart enough, I can use this information to my advantage to sell
more lemonade (e.g., I know that Tom buys lemonade on his lunch break at 12:15 everyday, so I better be open then).


Under EU law, you need to have Tom's permission to keep that information in a database.

Cookies are a great tool for maintaining a state over a stateless protocol, and differentiating one users "session"
from another.


It still will be possible to do this. Just make sure that no information that can be used to identify these people is used in a way that they have not expressly approved of.

Its not a total banning of cookies. The article is misleading in that respect. Just a ban on the use of cookies to track people

EU and everything computer related (1)

Arkan (24212) | about 13 years ago | (#2503648)

Like many political institutions, it takes EU some good technicians to explain them the ins and outs of every question. Fact is the said technicians didn't do they're homework with the copyrights and "intellectual property" stuff, so they surely try to overdo said homework with privacy.
And once again, critical questions, with possible direct implications with expression freedom...

Yes, t'was a rant(tm)!

Breaking News! (-1, Offtopic)

Anonymous Coward | about 13 years ago | (#2503656)

RMS and GNU/Linux zealots are horny, just as The GNU!



http://www.angelfire.com/linux/felch/proudgnu.jpg [angelfire.com]


Proving that GNU zealots are real dickheads.

Yep, ... (1)

Aelfinn (310316) | about 13 years ago | (#2503667)

they should just ban them on images.

Outlawed.... (1)

BigGar' (411008) | about 13 years ago | (#2503669)

When cookies are outlawed, only outlaws will use cookies.

Perhaps they should slow down a bit. (1)

narfbot (515956) | about 13 years ago | (#2503673)

The idea of completely banning cookies is absurd. Let's look at a deeper solution.

IE comes with cookies automatically on and accepted, perhaps this is where the plan of attack should be. Many people have no idea what cookies are, or the fact that there is information being stored about you when you visit a site.

In all fairness to current legitimate use of cookies, people should be warned that cookies are being sent in the first place, and then the person should decide what to do, to accept or not, or to automattically accept all, or automatically accept and reject based on predetermined user settings.

Lets put down the unfair practice of cookies to store information without the user's behalf. They EU should require all browser default to ask the user about cookies after installation of the browser, bundled or downloaded-however it comes. Then after the user has made his choices, then you cannot say that they cookies were illegal, or taken without user permission.

It's a good thing, really... (2, Funny)

athakur999 (44340) | about 13 years ago | (#2503675)

Did you know everytime you dunk an Oreo into a glass of milk, it sends information back to Nabisco via an embedded 802.11 interface? Here's just some of the private details being sent without your knowledge:

* Type of milk (skim, 1%, 2%, etc.)
* Brand of milk
* Length of dunk
* Whether you double-dunk or not
* When you dunk (watching TV, in bed, etc.)
* Any health problems it finds as it works its way down your body

I praise the EU for finally doing something about this.

More short sighted legislation (0)

Anonymous Coward | about 13 years ago | (#2503676)

Not exacly the first time that policy and technology
collide. What needed is legislators who are more knowledgable about technology or at lest take advice

until then heres just another impractical and unworkable law on the way to add to the current collection.

Realstically are there any alternatives to Cookies, how else can session based systems worked or any website that needs unique ID's isn't don't most E-commerce systems employ cokkies for customers "Shopping Carts".

All thats needed is more education and more selective cookie managment tools in browsers ( which is already mainly implemented in mozilla IE etc but still could be improved)

This is almost already law, anyway. (2)

Jon Chatow (25684) | about 13 years ago | (#2503678)

The Data Protection directive (which is law in all EU states, AFAIAA) already makes it illegal to store any identifying information about any citizen of a country of the EU outside the EU's borders, as well as requiring all companies to surrender all information they hold, with catagorisation, proper sourcing, and defense of ownership, about a person within a short time period for minimal charge; see The Register [theregister.co.uk] 's coverage here [theregister.co.uk] and here [theregister.co.uk] for more info.

As an aside, unlike the US, the rest of the world has a-political civil servants; the European Commision is the civil service of the EU, as it were, and they form laws, not pass them (that is done by the proportional-representation-wise-elected European Parliment).

HTH.

Sorta like anything "dangerous"... (2)

seebs (15766) | about 13 years ago | (#2503680)

It's like banning alcohol, drugs, or guns, really. :)

Seriously, this is a tough issue. How do you specify "acceptable" use of cookies?

In one Word....... (1)

the_2nd_coming (444906) | about 13 years ago | (#2503682)

isn't banning them outright going just a bit too far?"

Yes

somebody's going to lose some dough (0)

Anonymous Coward | about 13 years ago | (#2503688)

We [scaredcity.com] use cookies to allow folks to set preferences, vote in polls, etc.... Harmless enough we think.

However, we note that some HUGE corepirate megasloths attempt to use same to 'track' your browsing habits, with the eventual intent(s), of marketing to you, & finding out which sites draw the most eyeballs, advertising with them, & effectively squeeshing the 'little guise', off the wwmap. We don't think that's such a good plan.

There is also a notion that if your pc can be 'snooped' by the nefarians, that your passwords, etc.. could be pilfered. A double edged mixed blessing the little morsels are indeed, but banishing them completely would be like discarding your car, because your neighbor uses his to rob banks.

Have you seen these face scans, etc.... [opensourcenews.com] , of the REAL .commIEs? I thought so.

Why! (1)

GreenCrackBaby (203293) | about 13 years ago | (#2503689)

Ok, so Netscape and IE both allow you to disable cookies. Woohoo. How usefull is that? Your other choice is confirming each cookie. Ever tried surfing with that option on?

I'm sure there are some third-party software products that allow users to assess each cookie once and allow/deny it forever (ie. yahoo cookie allow, doubleclick cookie deny). Why is that so hard to include with the browser?!?

That would make this whole issue go away.

Re:Why! (1)

pipeb0mb (60758) | about 13 years ago | (#2503718)

No browser allows you to specify cookies by domains ?

IE6 does.

Im sure Mozilla does or will...netscape 6.x is too shitty for me to bother looking for it.

But the choices are there.

Re:Why! (1)

GreenCrackBaby (203293) | about 13 years ago | (#2503761)

IE6? Wouldn't that be along the lines of killing the cow to get the milk? :-)


Thanks for the info though...I will have to try out this new version of Netscape again.

Crumpets (0)

Anonymous Coward | about 13 years ago | (#2503691)

What will the Queen Mum take with her tea?

Shades of the French Revolution (1, Troll)

UltraBot2K1 (320256) | about 13 years ago | (#2503697)

This whole EU thing is getting out of hand. Remember the French Revolution? Let me refresh your memory. Peasants (well, actually, disaffected, rabble-rousing intellectuals using the peasants), overthrew the monarchy, bent on establishing a government based on ideals and standards. Instead, they ended up with decades of beheadings, the metric system, all kinds of silly laws in the name of "egalitarianism", and, finally, an emperor bent on expansion.



The parallels with the EU are obvious. We have a new government established, supposedly bent on establishing standards and protecting the citizen. Instead, we have the government limiting consumer choice. I think it's only a matter of time before the next Napoleon steps up to the plate and uses the infrastructure currently being put in place by the power-hungry EU.


Today, they take away the right to use cookies on your website. What tomorrow, gun rights?

What's next ? (2)

tmark (230091) | about 13 years ago | (#2503699)

Next thing you know the British government is going to ban dental work. Ooops, "The Big Book of British Smiles" provides evidence they already have...

Halloween theme (1)

InShadows (103008) | about 13 years ago | (#2503701)

Am I the only one getting hungry off of the today's topics?

First there are donuts.. mmmmm donuts..

and now cookies.. mmmmm cookies...

then you have ghost stories topic thread and I'm sure the Shhh! Constructing a Truly Quiet Gaming PC was posted so that anyone who built it would be scared if someone yelled 'Boo!' at them.

Just My Little Conspiracy Theory.

never take me seriously..

of course it is a little far! (1)

geekfiend (448150) | about 13 years ago | (#2503702)

In this era of government being swamped by technology, and the people in charge being so untechnical, it doens't seem surprizing that any government would "outright ban" anything. As to them it is better to get a law on the books quickly in order to make it relevant to the times as opposed to having the law make sense but be enacted "too late" to do anything!

Clueless Reporting (1)

malibucreek (253318) | about 13 years ago | (#2503706)

One is left to wonder if the author of this piece even knows what a cookie is. There is a great deal of confusion between cookies (the line of text in a cookies.txt file) and the backend database analysis of user behavior.

Web sites can synch up usage logs, cookie, log-ins and customer profiles to create a sophisticated analysis of individual users' behavior and tastes online.

Or, a simple cookie can be used without all that to note whether a user has seen a specific page before. That's useful for webmasters who want to serve up certain types of dynamic content.

Neither did the article mention that without cookies, many European users will not be able to "customize" web sites, because the web server will not be able to track an individual user's session. You'd have to log in on every page to see your customized version, or pass the user's login through the URL--hardly a good idea for security's sake.

We're going to have an increasingly hard time making a good case for responsible pro-privacy legislation if the press can't figure out the basics of the technology being discussed. The public's never going to know they're being screwed if the press can't figure it out enough to tell them.

Why ban them? (2, Interesting)

SonOfSam (15164) | about 13 years ago | (#2503709)

Wouldn't it make more sense for them to require companies/sites to ask permission before writing or accessing a cookie? I mean, anything can be used the wrong way, and abused.

It may be in the best interest of the Internet though, because many sites require cookies. Maybe that would force said sites to have a cookieless solution, or miss out on all the possible readership. Itll be interesting to see what happens in the future.

Banning cookies might get unexpected support (3, Informative)

Florian Weimer (88405) | about 13 years ago | (#2503710)

Banning cookies might get unexpected support: from the law enforcement camp. After all, if cookies are no longer permitted, those interesting session IDs have to be placed in the requested URIs. And these URIs are logged all over the place: by the web server itself, by proxies along the way, by the browser (in theory, session cookies should expire when then browser is terminated). So banning cookies makes session tracing much easier for everyone but the actual web server developer.

Cookies, when used in a responsible way, can increase privacy. Of course, that is not true with those practically eternal cookies which expire some day in the year 2037 or so. On the other hand, there are other tracing methods such as exclusively dynamic URIs or even cache timing attacks [princeton.edu] (yet another interesting Felten paper, BTW).

In my opinion, you should not outlaw the tool, but the intention to gather data. Recently, we've seen so many attempts at restricting tools which have some negative potential, competely neglecting the positive possibilities such tools present. Shall we make the same mistake again?

Maybe they should ban nation-wrecking instead (0)

Anonymous Coward | about 13 years ago | (#2503711)

n/t

They'd break most websites (1)

NineNine (235196) | about 13 years ago | (#2503713)

Cookies are probably used on 95% of all sites today, bth Internet and Intranet. Banning cookies would break, what? 75% percent of all websites that rely on them? That's absolutely ridiculous. They might as well outlaw HTML.

Cookies (1)

justletmeinnow (315504) | about 13 years ago | (#2503715)

Considering that anyone in their right mind can completely reject cookies (even in IE) this seems like a bad decision. If I want to turn cookies off I'll turn them off. Maybe I want cookies turned on. Get off my back big brother...

Crazy! (1)

bool (144199) | about 13 years ago | (#2503720)

Perhaps something being overlooked here is that users already have the means to disbale cookies! Each to their own... overbroad legislation is going to create more problems than it will solve.

Opt-In (3, Insightful)

bwt (68845) | about 13 years ago | (#2503736)

They should allow opt-in cookies, but I'd still like every site to be required to state what data it keeps in its cookies and what it does with it as part of its privacy policy.

I'd like to see browsers with more refined cookie control. I should be able to set the cookie policy for each domain.

If you don't think this quote is funny... (2)

Uttles (324447) | about 13 years ago | (#2503738)

... something's wrong...

The existence of such a technology, the amendment states, ''may seriously intrude on the privacy of these users. The use of such devices should therefore be prohibited unless the explicit, well-informed and freely given consent of the users concerned has been obtained.''

Now, aside from porno sites, when is the last time you've ever been asked for your "explicit, well-informed and freely given consent?" Explicit... ok, yes or no, pretty simple. Well-informed... ha! right! Not if it might contain proprietary information. Definitely no well-informing going on if we're talking about Microsoft. Freely given... another ha! right! "Either you agree, or you can't use any of our service." That seems to be the uniform quote. When's the last time you had a third option on a license agreement. Heck, with MSN, you don't even have a choice, if you don't have the right browser, they won't even let you attempt to view the site.

They aren't going to ban them. (5, Insightful)

Todd Knarr (15451) | about 13 years ago | (#2503740)

From what I read, they aren't banning cookies per se. What they're banning is any collection of personal information without explicit informed consent. So you can use cookies all you want, as long as you tell the user what personal information you're storing in them and let them say whether they want to allow it or not. And if you use cookies for things like shopping carts, where there's no personal information in them, then there's no restrictions on them. All perfectly sensible to me.

Whats the difference ? (1)

WndrBr3d (219963) | about 13 years ago | (#2503741)

A cookie is just a way for the web server to save information client side. Banning Cookies would be like Banning programs that left Registry Entries on your computer. It's just information that needs to be saved.

It's these Paranoid people who have no Trust for Web Companies and their small web sites, but will more than willingly install Microsoft Products which inspect and pick apart every part of your system.

Arthur: You know all this explains a lot of things. All through my life I had this strange, unaccountable feeling that something was going on in the world and no one would tell me what it was.
Slartibartfast: No, thats just perfectly normal paranoia. Everyone in the universe has that.

This is just typical (0, Offtopic)

Dr. JackAzone (517971) | about 13 years ago | (#2503750)

It's typical, EU allways stick its nose where it shouldn't be, like withe the cucombers they are trying to ban the ugly ones, apples when they are to small was to be banned as well. Considering that the EU was formed to make european trading more easy, I just don't get it, ok the cucombers and apples - we need standards but this is like the european curency, police and army ideas... they just don't make sense. actualy they do if we want something like the states, and speaking not only for my self - and with all respect for the states - we don't, I'm proud of the Danish flag, the language, the curency and the culture, of course without becoming a racist, actualy i welcome foreigners to Denmark as long they behave, if they have danish citizenship they are to be treated just like any other criminal with danish citizen ship.

Alternatives would be more invasive (2, Insightful)

gentlewizard (300741) | about 13 years ago | (#2503754)

I was initially caught up in the scare about cookies, especially when I discovered some clueless webmasters were storing my site password in cleartext in them. But over time, I realized that the alternatives for creating a stateful session might be far worse. Can you say Java / ActiveX?

BTW, does Microsoft Passport use cookies, or some other method? If they use cookies, I can just imagine the wheels turning in Microsoft's heads right now at reading this story!

Typical Shortsighted Slashdotters (2, Interesting)

sessamoid (165542) | about 13 years ago | (#2503758)

"you can already turn off cookies... blah blah blah"

This isn't about slashdotters, it's about end-users, the vast majority of which have no idea what the heck a cookie is, much less where they can be found and what they can do. The average web user only knows that if he "turns off all cookies" much of the stuff he wants to do on the net doesn't work anymore. If he elects to review each and every cookie, he ends up spending more time clicking "Accept" than actually using the web. Actually, let me correct that. The average web user doesn't even know there's a menu with "cookies" mentioned.

I think requiring web sites to expliciting notify and obtain permission to track and store personal information via cookies is not necessarily a bad thing. Not all cookies are about tracking where users go, nor about keeping personal information.

Does anybody have a link to the actual legislation? Rather than assuming what we think is going to be in it and screaming at the top of our lungs, does anybody actually know what they're proposing exactly?

IE6 has a nice feature... (1)

mydigitalself (472203) | about 13 years ago | (#2503765)

i've been running ie6 for a few weeks now, and apart from it completely fscking up a number of things (what do you expect), it does have one kief feature which pre-parses your cookies and informs you if a cookie looks suspect.

one such example is if an HTML layer-type banner (you know the one's that aren't just images, but are actual HTML pages placed inside a layer within a DIV) tries to drop you a cookie it will warn you and block it if you choose.

i'm sure my mother would have no idea how to turn off cookies by herself - but this at least goes a step further to inform a luser of the possible intrusion.

i assume it checks the URL in window.location object and if it doesn't match the URL of the cookie it warns you.

i know its not exactly giving you 100% privacy protection - but its a start, and i've found it very handy.

cookies (0)

Anonymous Coward | about 13 years ago | (#2503767)

I can still write a tracking site using a session ID that is not a cookie. The problem doesnt go away, just changes to a less controled method. I can enable or disable cookies, IE has a persite way, cookie pal does the same for netscape on a windows box. Most cookies can be disabled and the web site works fine. I block all until I hit a point that require cookes then only unblock those cookies required.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?