FCC Meets To Investigate Cookie Abuse 159
PreacherTom writes to tell us BusinessWeek is reporting that the FCC and the Center for Digital Democracy plan to meet in order to discuss abuses with regard to cookies. From the article: "Online advertisers have a sweet tooth for cookies. Not the kind you bake, but the digital kind — those tiny files that embed themselves on a PC and keep tabs on what Web sites are visited on which machines. But cookies could have a bad aftertaste for consumers. Privacy advocates say the files are being force fed in large quantities to computer users, and they're demanding that the government put some advertisers on a diet."
Re:The summary is an understatement. (Score:3, Informative)
Cookies are a tool. They can be used for cool things, or crappy things.
-Rick
Re:More laws != good laws (Score:5, Informative)
Firefox + Cookie Culler extension = easy fix (Score:1, Informative)
Re:2 questions (Score:0, Informative)
Presuming I'm reading this correctly, I don't understand why you'd opt to blacklist sites rather than block all and whitelist. I encounter very few sites that block access if cookies are disallowed (excluding dodgy porn sites and legitimate logins) and I'd wager that the few who do have content that can be better found elsewhere.
I have no idea what web browser you use, although considering the slashdot demographic I'd guess firefox or opera. If firefox, a simple extension like 'Permit Cookies' allows you to selectively whitelist certain sites and you can also set all cookies to be erased on browser close. Opera, I can't speak to.
As to a specific method of determining which cookies are required simply for login and which are tracking or unnecessary, I have no idea. Personally if you trust a site enough that you register and log-in (presumably providing an email address) I'd consider it time better spent elsewhere.
Firefox Extension (Score:0, Informative)
disable all cookies and this extension makes it easy to enable or revoke permission or overide permanent/session cookies (turn a perm cookie into a session etc) for your fave sites (simple statusbar button, no complicated options)
basically it turns cookies into opt-in not opt-out
from Gorgias
http://mfe.gorgias.de/#pcookies [gorgias.de]
FF2 compatible
http://mfe.gorgias.de/xpi/pcookie_0_6_2.xpi [gorgias.de]
i have used it for ages and its really essential if you cant stand marketeers abuse
Re:Are you kidding? (Score:3, Informative)
In Firefox's preferences (2.0) click on the "Privacy" tab and change "Keep until" to "I close Firefox". Then whenever you close the browser, all the cookies are gone. For sites you want to be able to persist (bank, slashdot, etc), put them in the exceptions. I've been doing it this way for years. You can also set it to block cookies for certain sites (I block google, for example).
Cookies do not "embed themselves." (Score:3, Informative)
Cookies are passive content; they do not have the capapbility of doing anything. Web Browsers are what make the decision to download and store this purely optional advisory-only information.
Again, you are describing a behavior of web browsers (and probably not all web browsers), not cookies.
I have always held that the software that I run, is my agent. If I run a web browser that essentially tells a web server what other pages I have visited, then by running that software, I have opted in. I guess the issue is that most computer users are not really aware of what they are running and what actions their agents are taking on their behalf, so they see the lack of making conscious decisions as "not opting out" rather than "opting in." I understand this and have some sympathy for this viewpoint, but it ultimately is technically incorrect, an illusion. I don't think you can't redefine the terms "opt out" and "opt in" to mean things they don't really mean, without having some undesirable consequences down the road.
The problem we face, is that we make unconscious or uninformed decisions, but that doesn't mean we aren't making those decisions; it merely means we're doing it poorly. I would much rather that users learn more about how their web browsers work and what the privacy risks are, than for new laws to be passed that micromanage what a web server admin is required to do, should their server be configured to send a certain header. It is ridiculous to have laws and regulations that get down to such detailed, technical levels, and I think that sort of thing is how we have managed to turn ourselves into a "lawyer society" where the law is so huge and complex that a layman is simply unable to know what the law is without expensive help from a specialist.
FTC, not FCC (Score:2, Informative)
Re:Oh criminy (Score:2, Informative)
Several years ago I conducted an experiment with this. My official address, as per the post office, was "200M Pinewood Drive". When filling out applications for bank accounts, insurance, ordering things online, etc., I would often mix and match with things like "200 Pinewood Unit M" or "200M Pinewood" or "200 Pinewood Drive Apt M", etc. and then watch what address would be on incoming junk mail. The result was that, after ordering things like software or magazine subscriptions (online), I saw no significant increase in spam snail mail with the correlating address. However, after signing up for bank accounts and auto insurance (both of which have very strict privacy policies on their applications), I would see a corresponding rise in spam snail mail with the correlating address.
Large institutions, no matter how convincing their privacy policies are, have a thousand different ways of passing on your personal information. All of them, should you ever manage to put together a proper paper trail, are probably legal through some loophole or another in either their privacy policy or the law.