←back to thread

Internet's biggest annoyance: Cookie laws should target browsers, not websites

(nednex.com)
582 points SweetSoftPillow | 5 comments | 22 Oct 25 12:12 UTC | HN request time: 0.344s | source
Show context
mihaic ◴[22 Oct 25 12:39 UTC] No.45668163[source]
Policing the tools instead of policing what is being done with them is the problem for me. Third party cookies have a valid reason to be used in federated authentication for instance, or a bunch of other valid purposes. Just ban shitty data collection practices.

Knives can be used to chop vegetables or stab someone. Don't ban their sale, ban their usage.

replies(2): >>45668207 #>>45668852 #
1. high_na_euv ◴[22 Oct 25 12:43 UTC] No.45668207[source]
Cookie consent is not required for technical cookies like auth.
replies(3): >>45668331 #>>45668361 #>>45668672 #
2. 4ndrewl ◴[22 Oct 25 12:54 UTC] No.45668331[source]
I'm surprised at how often this needs to be restated.

By-and-large you only need to allow people to opt out of cookies if you're tracking _their_ activity and/or selling details of _their_ activity to your "partners".

replies(1): >>45668861 #
3. lucumo ◴[22 Oct 25 12:56 UTC] No.45668361[source]
Indeed. Nor is GDPR about cookies at all. GDPR is about identifiable user profiles and information. A piece of paper with someone's name falls under the GDPR; a cookie that hides a shown alert doesn't.
4. mihaic ◴[22 Oct 25 13:18 UTC] No.45668672[source]
It isn't needed, but third-party cookies were phased out by Chrome specifically to undermine their competitors, all under the veil of doing the right thing, and everyone that was using them for something ok got screwed.
5. Macha ◴[22 Oct 25 13:29 UTC] No.45668861[source]
Partly it’s because we’ve simplified the discussion to “cookie banners” when it’s about more than cookie tracking or cookie-like tracking (local storage). So it misses all the other ways tracking occurs.

The other thing is that it benefits those who wish the law would just go away to have it misunderstood this way.