|
|
|
|
|
|
by gregmac
1143 days ago
|
|
|
It kind of is black and white, from technology point of view. You, the website owner, can control what your server does in response to HTTP requests a client makes. You control what data is sent, and under what conditions you'll send that data (ie: presence of a valid session cookie, correct username/password, cryptographly signed request, etc). I, the user owning a computer, get to control what my computer does. I run a web browser, and can choose what happens in response to data your site sends me via HTTP. Most notably, your site can send some javascript, but my computer doesn't have to run it. My computer can also selectively block what it does, including limiting its access to initiate web requests to other sites. Anything beyond this is artificial, such as laws like DMCA or CFAA. |
|
|
>>> You can write your own code to gather statistics
>> You should respect your user's desires and not gather statistics
> The users aren't the only ones with desires
Sure, whether or not you "can" do it is black and white (and a game of whack-a-mole many times), but whether or not you "should" do it is very much a gray area.