Actually I did, several times. Just to save time, here are some relevant sections:

If an unrecognized token appears in a compact policy, the compact policy has the same semantics as if that token was not present.

Compact policies are summarized P3P policies that provide hints to user agents to enable the user agent to make quick, synchronous decisions about applying policy. Compact policies are a performance optimization that is OPTIONAL for either user agents or servers. User agents that are unable to obtain enough information from a compact policy to make a decision according to a user's preferences SHOULD fetch the full policy.

So, from this, we find that 1) If a token cannot be parsed, it should be considered to not exist, and the cookie blocked, and 2) If the full P3P compact policy cannot be read, or does not contain enough information, the full P3P policy should be fetched and followed instead.

What actually happened is, Google sent a policy that could not be parsed by this dead, unused by pretty much anyone but IE system, and IE helpfully ignored TWO separate sections of the spec and accepted it. This is now Google's fault, I guess.

By default, IE blocks anything without a P3P policy in place. In order for many sites to do what they need to do, they also present P3P headers that are not necessarily accurate. Microsoft does it themselves. Facebook does it too. What IE fails to do is block anything it cannot parse, as it should be doing.

In any event, all this is still a moot point. I still haven't heard anyone explain to me how attaching tracking cookies for users that specifically opted in to those targeted ads is a privacy violation. I can't hand you my social security card, then claim breach of privacy because you have my name and social security number.

I see, you came up with a BS analogy that didn't fit, then decided mine didn't fit? There is an internet analogy to putting flyers on windshields, I just used it. Google didn't break any windows, open any locks, or do anything else but stick the flyer on the windshield. They used an alternate method to attach the flyer. What you still haven't explained to me is how it is wrong to give a user what they expressly opted in for? Explain it to me, if you would? And don't tell me about how they violated a user's express choice in not getting cookies, since in both the recent incidents, the browsers were acting by default, and not by user choice. Tell me how a user opting in to Google services gets trumped by some chump at Apple deciding to make it harder for anyone else to gather the same data they do by blocking third party cookies? Shouldn't a user's express choice trump default behavior? I guarantee if a user opted not to get charged a fee per web page, and the browser defaulted to charging one anyway, you would sure as hell say user choice should prevail, but any other time the company choice wins?

Yes, IE blocks certain cookies if the site doesn't publish a privacy policy in a certain format, one they came up with, and only they use. Oh wait, except the problem is they didn't block the cookies, they let them right through, in violation of their own published spec. And here's the good bit: Both of these 'hacks' as everyone likes to call them, were done to give users exactly what they asked for, so I will ask again, since no one seems to be able to answer me, how is giving me what I expressly opted for evil? Because they used a workaround to get past browser defaults that are outside the norm? No other browser at all uses P3P any more, and haven't in some time. Only Safari blocks third party cookies by default. Now why do they have an obligation to guide the user through the setup of their browser, when they already opted in to a service, but the browser default was done for them, without their knowledge or consent? Why is it ok for Facebook and Microsoft to violate their own P3P standard to do exactly the same thing,but Google doing it is evil?

As I have noted before, a user had to opt in to Google's targeted ads, they did not opt in to having third party cookies blocked. Why is delivering that cookie wrong? Why should the user have to opt in once for Google, then opt in again for a default they didn't set, and likely didn't even know was chosen for them, since Safari was the only browser defaulting that way?

The short answer is, the user chose to opt in to Google services, they got their targeted ads. The consumer got exactly what they asked for, no privacy was broken, no data secretly obtained. It should not be Google's job to teach people to change settings in someone else's browser.

Now that we are on the topic, why WAS Safari set to automatically block those third party cookies? We already know Apple collects most of that information just as much as Google does, so why block them? Do you think it was intended not to provide any privacy for the end user, but to deny Google that data?

And what if there isn't a good way around it? What if Microsoft and Facebook both do the same thing in order to get Microsoft's own browser to accept cookies from some of their own sites? Oh, that would be wrong too then, yes?

Genius, Microsoft created the spec, and submitted it to the W3C. The spec clearly states that any compact statement that cannot be parsed should be treated as no statement, and the cookie blocked. Microsoft failed to do that with IE. So, I call your bullshit and raise you actual facts.

And I understand what you are saying, but since I have to actively accept Google's terms of service, and yet don't know without searching that IE attempts to block cookies via P3P headers, the active choice is by the consumer, whether they read the agreement or not. Having to accept terms is NOT the same as accepting a default you didn't even know existed. Every single user had to click yes to accept those terms, and I would bet 99% of them have no idea IE was using something called P3P.

No, this isn't the road I want them to go down, but since they aren't, and your claims have no bearing on what happened here, it really doesn't matter. Google used a broken implementation to provide targeted ads to users who had specifically opted in to the service. This does not make them evil. Had they been using this to track everyone, then yeah, that would be bad. That is what you don't seem to be understanding, despite the multiple times people have explained it. Using tracking cookies on users who specifically opted in to get them is not wrong or evil.

What is evil is Microsoft using a broken implementation of a non-used standard to try and score points over something that shouldn't even be an issue.

No, but since that has nothing to do with the current situation, it really doesn't matter. Google was providing a service that it's users opted in to. Yeah, they chose it. A browser using a deprecated trust system that only they ever implemented, and that they implemented incorrectly, allowed them to provide that service. That doesn't make them evil.

Are you upset at a real problem here, or that Microsoft tricked you into being mad at Google?

Now let's try an analogy that actually fits the situation. You signed up for Google's flier service, expecting to get your fliers. You didn't realize that your car locked itself by default, when no other car does that, and want to know why you aren't getting your fliers. Google decides to avoid the locked car, and puts the flier under your windshield wiper instead. They then get blasted for not accepting that your car was locked.

I like it, anyone who has a valid argument must be a 'fanboi' because you can't figure out the logic.

If you were not signed in to G+, and hadn't opted in to targeted ads, then no, Google did not go around your express privacy choices. See how it works, genius? If you weren't opted in, then you got no cookie, put there against your wishes or not. Why is that so hard to figure out?

Second, the IE thing, it is a trust based system that was deprecated 5 years ago, and only implemented by IE anyway. Why is Google wrong for not paying attention to a lapsed system? And again, it was done to allow people who had opted in to get exactly what they asked for, so where is the privacy problem? If you weren't a G+ member, and didn't opt in to ads, then you didn't get a damn cookie, they didn't 'exploit' anything, and you have no horse in this race at all.

I'm still waiting for someone to explain to me how bypassing ANYTHING to allow users what they opted in to once already, but were blocked by specific browser implementations from getting, is wrong or evil?

Regardless of whether the users were savvy enough to know they opted in to ads or not is a separate question, and really has no bearing whatsoever on whether they opted in or not. If they left it at the default,but signed in to G+, they are getting targeted ads. If they didn't read the agreement, that is hardly Google's fault, no? Nor is it their fault if they provide those ads. They can opt out at any time, and the 'privacy violations' stop. It really is that simple.

No, I don't own Google stock, nor Apple, nor Microsoft. I believe ALL corporations are amoral and not to be trusted. I just believe we should be mad at them for the things they actually do, rather than manufacturing bullshit anger over something that doesn't even exist. They do enough bad on their own, we don't have to go looking for BS reasons to be pissed. I also happen to dislike misinformation, no matter who it's directed toward. If you couldn't bother to read about the issue, why are you even commenting? To show how little you know?

You are wrong on both counts. In both cases, the tracking cookies were placed for users logged in to G+, who had opted in to targeted ads. How again is that exploiting a bug so they could track users against their wishes? How is it again that having something on by default represents a users wishes anyway?

And IE, following the standard written by Microsoft, is supposed to deny any cookies when the P3P field can't be parsed.

No, they actually don't, because the P3P spec was deprecated almost 5 years ago. It isn't legally binding (never was) and means nothing at all to anyone but Microsoft.

No, everyone is framing it correctly as a Google vs. Microsoft issue, since Microsoft intended it that way, using the 'user' as a convenient damsel in distress. The fact is, Google is following the standard as written. IE is not handling the invalid P3P statement as it should, as laid out in their own specification. Any malformed statement should be treated as having no statement, and the cookies blocked. Instead, IE happily accepts the malformed response and allows the cookies anyway. They brought this up now because of the Safari thing, they are playing piggyback-the-bad-press here.

You know who else 'circumvents' P3P policies? Microsoft. Oh, and some outfit they have a contract with, called uhm... Facebook, or something.