> Human beings and their privacy should come before artificial entities and their balance sheet
but we're not talking about things that violate privacy. We're talking about things like preventing cross site request forgeries, and having to ask permission to do it, we're talking about things like providing a faster experience, taking up less computing power, and possibly making the world a little greener, and having to ask permission of each visitor to do it.
> All you are being asked is to be upfront and seek the consent of your site visitors before sharing their information with a third party.
It doesn't talk about third parties at all. This discussion isn't even about how it affects ad networks.
> Well, you have time to research it. Perhaps there's a nice opportunity there for it. Some of it will be about brushing off and updating techniques in use before cookies became widespread reliable.
there is no opportunity, the same information just simply is NOT there. You get an ip, and standard headers, and the request made. thats it. you can't query things like screen resolution, browser capabilities, what version of flash you need to target at minimum. you also lose flexibility. you need to be forwarding logs on to a central processor, or even have access to your logs in the first place, which many people do not.
Imagine some schmuck who adds a plugin to wordpress who gets fined, even though he doesnt know what a cookie is, because the plugin stores it's state in a cookie (think tabs and what not) these arnt strictly necessary to the operation of the site, so it's a fine for him.
Which bring me to another question, how the hell can they even enforce this? you can't really automate it. there will be too much variation in consent popups and in page elements, and who even knows what solutions. Someone would have to go site by site in the uk and check. and then, how would you know what sites ARE subject to this? UK sites arnt just limited to .co.uk. the company i work for has .com as their tld. Does every uk admin need to register the sites they run?
This all seems alot to ask just to block people from running google analytics. Afterall, do you think any ad networks that actually set cookies and track people are going to be in the EU at all? they're not really subject to these laws.
"The new rule is intended to add to the level of protection afforded to the privacy of internet users. It follows therefore that the more intrusive your use of cookies is, the more priority you will need to give to considering changing how you use it."
> It doesn't talk about third parties at all. This discussion isn't even about how it affects ad networks.
The document you reference also contains this:
"However, some uses of cookies can involve creating detailed profiles of an individual’s browsing activity. If you are doing this, or allowing it to happen, on your website or across a range of sites, it is clear that you are doing something that could be quite intrusive – the more privacy intrusive your activity, the more priority you will need to give to getting meaningful consent."
it even goes on to offer:
"It might be useful to think of this in terms of a sliding scale, with privacy neutral cookies at one end of the scale and more intrusive uses of the technology at the other. You can then focus your efforts on achieving compliance appropriately providing more information and offering more detailed choices at the intrusive end of the scale."
but we're not talking about things that violate privacy. We're talking about things like preventing cross site request forgeries, and having to ask permission to do it, we're talking about things like providing a faster experience, taking up less computing power, and possibly making the world a little greener, and having to ask permission of each visitor to do it.
> All you are being asked is to be upfront and seek the consent of your site visitors before sharing their information with a third party.
that's certainly not how the pdf on the ico site says. (http://www.ico.gov.uk/~/media/documents/library/Privacy_and_...)
It doesn't talk about third parties at all. This discussion isn't even about how it affects ad networks.
> Well, you have time to research it. Perhaps there's a nice opportunity there for it. Some of it will be about brushing off and updating techniques in use before cookies became widespread reliable.
there is no opportunity, the same information just simply is NOT there. You get an ip, and standard headers, and the request made. thats it. you can't query things like screen resolution, browser capabilities, what version of flash you need to target at minimum. you also lose flexibility. you need to be forwarding logs on to a central processor, or even have access to your logs in the first place, which many people do not.
Imagine some schmuck who adds a plugin to wordpress who gets fined, even though he doesnt know what a cookie is, because the plugin stores it's state in a cookie (think tabs and what not) these arnt strictly necessary to the operation of the site, so it's a fine for him.
Which bring me to another question, how the hell can they even enforce this? you can't really automate it. there will be too much variation in consent popups and in page elements, and who even knows what solutions. Someone would have to go site by site in the uk and check. and then, how would you know what sites ARE subject to this? UK sites arnt just limited to .co.uk. the company i work for has .com as their tld. Does every uk admin need to register the sites they run?
This all seems alot to ask just to block people from running google analytics. Afterall, do you think any ad networks that actually set cookies and track people are going to be in the EU at all? they're not really subject to these laws.