Even assuming that law was necessary (debatable), the idiotic thing was asking millions of websites to do this, instead of automatically in a handful of browsers. Not to mention absurdities like the fact that you need cookies to remember that the user doesn't want cookies, or even worse: https://twitter.com/jgrahamc/status/633551359774691328
Perhaps something is deeply wrong with the way companies approach the internet if millions of them have to display a notice that they are tracking their users.
No, I can see that you are not familiar with the law, I don't blame you because nobody is, since it's incredibly vague about when applies and AFAIK nobody has yet been fined. There are hundreds of companies doing wrong things, no doubt. The "millions" are collateral damage.
I am basing my statements on http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm (the chapter EU legislation on cookies). According to this guide, the following cokies are exempt from consent: user-input (forms, shopping carts), authentication (for the session), user-centric security, multimedia player, ui customization, social network for logged in members.
No it's neither straightforward nor fair. Because it's a whitelist (and a short one), not a blacklist. You can not legislate like that, making potentially illegal any use case that you could have missed or any future use case.
And there is plenty of legitimate usages that are not whitelisted. The most notorious is non-shared traffic analysis. Meaning what basic google-analytics offers and half of the internet uses. There is absolutely nothing wrong with knowing how many unique visitors you got today, and everyone with a website wants to know that.
> There is absolutely nothing wrong with knowing how many unique visitors you got today, and everyone with a website wants to know that.
Maybe people running those websites want to know that, but as a visitor, I might not want that. Being ablet o tell "how many unique visitors you got today" implies that you can group actions by unique visitors, and thus tell e.g. exactly what I was doing on your website over the course of days. If I'm not logged in, I might not want that.
And don't get me wrong - I'm not really a strong privacy advocate or something. Most of the time I don't care much about tracking. But while in theory there's nothing wrong in tracking unique visits, we all know that the primary use of this is to manipulate users and shit ads on them, nowadays mostly cross-site. It's entirely reasonable people get fed up of being on the receiving end of someone else's malice.
me neither but, assuming that you _had_ to choose, why not? As a user: you get a single standard non-intrusive message you can disable (like remember password). As a website you have one less problem.
Adsense have recently notified publishers that they need to implement a cookie law compliance solution.
I don't know how aggressively they [google] will have to enforce this but the possibility of losing adsense revenue will be a hugely motivating factor.
So the number of sites the need such warnings is about to increase massively.
Or how about Google making a form of Adsense that doesn't track users?
I somehow have a feeling that large corporations intentionally are trying to make this law ridiculous. E.g. why blogspot pages would need such warnings? Please Google just stop tracking.
I acknowledge some benefits of this law, but I vehemently oppose it from the perspective of freedom of speech. I know it's an american innovation, but I think other countries should adopt the same principle that code (and algorithms/protocols) should be considered protected speech. I don't like this law because it interferes with http protocol by dictating how the protocol should be used. EU should not curtail the speech of W3C and of any users of their protocol. If you created a popular protocol then other entities shouldn't suddenly and arbitrarily start dictating how users of your protocol should now use it.
EU should either create their own version of http or create their own client for http, which would be relatively cheap as they would only have to fork firefox or chromium and add sandboxing bound to domanins. Some infrastructure is already there with sandboxing in the form of incognito/private window, it only needs to be extended so that each domain is automatically in its own sandbox instead of just websites you open in incognito window.