No, not really emotional about it.

But I do see that you created a grandma that needs help to get online and then ignore the fact that the helper could, with very modest effort, set gramma up with a blocking tool that keeps itself up to date. It's clearly not as good an outcome as getting websites to not enable Facebook, but it isn't complicated or hard.

None of that defends "As a practical matter, the only real control you have is "all, or none"."...

So why focus on that and ignore my insisting that something like Ghostery is actually a practical answer to the tracking?

Not in any way that you can't just throw aside by claiming the problem isn't really solved or that the thing used to solve it didn't involve political force.

But things like worker safety and civil rights and vehicle safety and pollution have all been quite majorly impacted by political force.

No, I was just responding specifically to "Web sites simply don't have permission to set ANY cookies without your permission".

I agree that users are generally blind to the defaults of their software, but saying that the website sets the cookie without permission ignores the fact that the website can't actually do anything more than request that the browser store the cookie.

The tracking problem is somewhat solved for people that care to understand it, there are lots of ways to prevent requests from even being made to third party servers (for instance, because of Adblock Plus, I know that this comment entry page would use Google Analytics if I didn't block it and that the only other server it refers to is fsdn.com); that leaves the problem of enumerating the services doing the tracking, but blocking Google, Facebook and Twitter goes an awful long way.

Of course, that doesn't solve the problem of log aggregation and proxied tracking, but those are pretty different than requesting that the browser do this or that.

We already desperately need to update laws surrounding social security, welfare and incarceration.

Also, people today cope with lots of loss. And some people don't cope with that loss. Longer lives won't change that much.

I dislike it when people frame arguments in terms of protecting people they clearly have very little respect for. I mean, if you don't respect them, why pretend to care? But maybe you are just using sloppy language there and don't think of the typical person as a dim dumbass.

Anyway, I agree that social pressure (frothy outrage...) is a key component in shutting it down. That said, Ghostery and the like are a couple of clicks for the person helping granny through the 'couldn't even get online' and have third parties maintaining the block lists. That's plenty practical.

One of the problems with the economy is that there is plenty of production without having everybody employed.

Having more people that want to work is just going to make that effect stronger.

It will be interesting to see if political force or technology ends up solving the problem (it is at least possible to imagine a level of technology where a philanthropist can choose to displace arbitrary parts of the economy; maybe the availability of energy puts a limit on that, I haven't even tried to come up with a napkin level estimate there).

Half of my point is that you really need to coach your argument in terms of what the average user can be expected to do, not make hilariously wrong statements about what is possible.

I mentioned RequestPolicy in another comment. It enables the user to inspect each off site http request that Firefox makes (the default configuration is deny all). That's going to be pretty tedious, but it isn't going to involve analyzing any html or working through any obfuscated javascript. For a lot of the tracker crap, denying the first connection isn't going to break anything on the page, solving the problem.

(I get that this is not a particularly attractive solution to the problem, I haven't reached the point yet where I have decided to work through the pain of creating white lists for RequestPolicy, so I don't use it. But it is very much current technology and it very much solves the problem of not knowing about what sites are being contacted and controlling those requests.)

"no practical choice" and "extraordinary effort" are pretty strong language. The extraordinary effort is of course true, because ordinary people don't bother installing something like Ghostery, but it certainly isn't extreme effort.

The long term, practical solution is to try to educate users as to what the hell the thingamajig on the screen is doing, encourage them to understand and control it, and to raise some frothy outrage over widespread tracking like Facebook was at least enabling themselves to do (they were clearly logging everything, it is less clear if they were actually analyzing any of that).

It might even make sense to start to move browsers away from having a single cookie context. Having cookie zones would mitigate much of what is problematic with sharing everything while minimizing the inconvenience of dealing with sites that use cookies while interoperating. The notion is that managing shared cookies is much less involved than managing all cookies, while still giving very similar benefits.

Sure, it's odd. But it isn't the result of anyone thinking, it is the result of them using heuristics that work against most of their customers against all of them.

If you tell the site that you own a bunch of other things, it will probably send you a wider range of recommendations.

Telling it you own books from the library that you have already read prompts it to recommend books that you have not read. And so on.

(Of course, the items you tell it you own do not have to have any basis in the reality, but basing them in reality may make them more interesting...)

"Load Images Automatically" has been a browser option for something like 15 or 20 years.

I can see reasons to desire more fine grained control than that, but it sort of makes statements like "you have no control over what image bugs or javascript they install on their site" sound really stupid (because the browser option makes the presence of the bug in the html irrelevant).

The browser is storing the cookie. The website is requesting that it do so.

Pretending that this involves the website having control over what the browser stores is blatant idiocy.

There are easy ways to control browser behavior, it is entirely possible, today, to manage what you browser does. The degree of control varies from browser to browser, but the more configurable ones are nicely cross platform.

That said, it is a giant pain in the ass because big companies like Facebook and the websites they work with know that not that many people actually care (i.e., given the pervasiveness of relatively anti-user content, client side white listing is the only workable option, and it is a pain in the ass. Stuff like Ghostery takes over the job of building the whitelist, but then you have the problem of trusting them.).