Hacker News new | ask | show | jobs
by Nursie 4882 days ago
"I don't understand how you decide between good and evil cookies."

It's all in the intended use.

Good cookies: Session cookies for ecommerce and other transactional style web interaction

Bad cookies: Advertisers tracking cookies that track users across multiple sites without their knowledge or consent.

See?
1 comments
mryan 4882 days ago
How about "session cookies for ecommerce and other transactional style web interaction, that track users across multiple sites without their knowledge or consent"? Are these good or bad?

We can decide on a case by case basis whether any particular use of cookies is good or bad, but coming up with a generic rule to do so is fraught with difficulties.

link
Nursie 4882 days ago
Well those would be bad, as they've clearly strayed well beyond necessary use of cookies as a mechanic of the website operating and into tracking people without their knowledge or consent.

What about "Tracking people without their knowledge or consent" being A Bad Thing is hard to understand?

The original poster said " in certain cases, implied consent would be appropriate and this is judged on the basis of the type of cookies that a site is looking to set". Your example clearly goes beyond.

link
delinka 4882 days ago
"...necessary use of cookies as a mechanic of the website [operation]..."

My shopping cart cookie that tracks you across multiple websites is necessary because it keeps my prices lower than my competition giving me the competitive advantage and my customers a better price on the things they want.

Your turn.

link
Nursie 4882 days ago
Nope, you're still tracking someone without their consent, your reason is nothing to do with the technical operation of your website.

Keep trying though, this is entertaining.

link
im3w1l 4882 days ago
By tracking the user across many websites we can give personal recommendations of new products the user might like based on their surfing habits. For instance depression is correlated with erratic surfing behaviour. By making use of these types of relationships we can offer our customers what they need when they need it.

Another good feature is what we call multisite one-click shopping. Having to enter address, credit number, cvc etc on lots of websites is daunting for the customer and can hurt conversions.

/s

link
Nursie 4882 days ago
Cool, all sounds useful, so you have no issue asking for the user's permission to do this?

Because it's still not technically necessary for the functioning of whatever it is that the user is trying to do on your particular site.

These are all fine business reasons but (AFAICT) the entire intent of the law is that business reasons are not good enough to track people without their explicit knowledge and permission that that is what you're doing.

(yes of course they fouled up on the coding and execution of the law, bureaucrats were involved)

link