FCC Meets To Investigate Cookie Abuse

PreacherTom writes to tell us BusinessWeek is reporting that the FCC and the Center for Digital Democracy plan to meet in order to discuss abuses with regard to cookies. From the article: "Online advertisers have a sweet tooth for cookies. Not the kind you bake, but the digital kind — those tiny files that embed themselves on a PC and keep tabs on what Web sites are visited on which machines. But cookies could have a bad aftertaste for consumers. Privacy advocates say the files are being force fed in large quantities to computer users, and they're demanding that the government put some advertisers on a diet."

Alright, I'll Cut Back!

[Anonymous Coward]

FCC Meets to Investigate Cookie Abuse

Jeez, lay off me, ok? My doctor's been bustin' my balls about it, the last thing I need is the government on my back.

I'm sorry, I'm sorry! But when you leave a box of those girl scout confections next to me, what do you think I'm going to do? They're gone after a few lines of coding and I don't even remember eating them!

*breaks down sobbing

I'm a sick man! I need help! Someone just check me into the Betty Crocker clinic already!

Suggested tag: thinkofthecookies

No, I think it's the Oreos

[JazzLad]

NY [medscape.com] started clamping down on trans fats in restaurants, it was just a matter of time 'til someone went after Oreo.

Re:

[cptnapalm]

You could have the treat and the chick if only you liked Brownies.

FCC Meets to Investigate Cookie Abuse

[GillBates0]

Thousands of children arrested for crumbling cookies and drowning them in milk.

When contacted for comment on this...

[spiritraveller]

Cookie Monster replied, "Me not guilty. Cookie goooooooooooood!"

Re:When contacted for comment on this...

[scottschiller]

Another cookie article, and yet more cooking/baking analogies. Someone should write a cookie monster Greasemonkey script which brings up that particular character ("And now, me eat cookie! Owmwowmowmwowmowmwmowm...."), before setting document.cookie to null.

Many sites stuff advertising and tracking-related data in there alongside your login/auth information in cookies, so it seems you can't win if you need to browse with credentials etc. Blocking 3rd-party cookies is probably the safest bet against ads and so on at this point though, without disrupting cookies required just to browse/authenticate.

As the (censored) big blue guy says...

[PreacherTom]

Remember, kids, cookies are a sometimes food.

Are you kidding?

[spencerogden]

Is this really an area we need more laws about? The dangers of cookies have been overblown for a long time. Not to mention that fact that all browsers give the user more than adequate control over their cookies.

If this is the best thing the FCC can find to waste their time on, then they have become worthless.

Re:Are you kidding?

[neoform]

Headline should have read:

"FCC Meets to Over-Assert Itself Once Again"

Re:

[the_humeister]

If this is the best thing the FCC can find to waste their time on, then they have become worthless.

I think that happened quite a few years ago. Some symptoms include only catering to a small minority (eg wardrobe malfunction?) among other things.

Re:

[ajs318]

Yeah, what was the deal with that? It's not like there is anybody out there who has never seen a nipple, extremely close up, at least once in their life!

Re:

[ColdWetDog]

I was bottle fed, you insensitive clod!!!

Re:

[El Torico]

... that craven, low-brow crap.

You mean the Superbowl?

Re:

[David Gould]

I was annoyed that my girls were being exposed to that craven, low-brow crap.

So what were you doing exposing them to it?

Also, exactly what do you think "craven" means?

Re:

[bentcd]

There are those who feel that the FCC becoming merely worthless would be a desirable development :-)

Re:

[Shawn is an Asshole]

Agreed. The cookie "threat" is overblown by the media. If you're really concerned about it, every modern browser has built in protections.

In Firefox's preferences (2.0) click on the "Privacy" tab and change "Keep until" to "I close Firefox". Then whenever you close the browser, all the cookies are gone. For sites you want to be able to persist (bank, slashdot, etc), put them in the exceptions. I've been doing it this way for years. You can also set it to block cookies for certain sites (I block google,

Re:

[pipingguy]

Try to easily delete index.dat [wikipedia.org] in a cookies directory.

Browser cookie control: how to fix Firefox?

[Beryllium Sphere(tm)]

>all browsers give the user more than adequate control over their cookies.

Firefox 1.0x had this exactly right. In the cookie inspection dialog box, where you need to delete a large number of cookies while preserving a few important ones, they allowed multiple selection (control-click). Sometimes you'd want to add a permanent block on deleted cookies. Firefox even exposed their configuration setting of "and don't come back!" in a checkbox so that you could block cookies from a site at the same time you we

The summary is an understatement.

[jZnat]

Try browsing with cookies on an "ask me every time" sort of basis. Even the most unlikely websites will demand a cookie. What ever happened to sane usage of cookies where they'd only be set if you did something on the site that initiated a cookie transfer (e.g. logging in, starting a shopping cart, storing your preferences)?

Re:

[RingDev]

I've seen some that are limits on advertising. They track when the last time you had an add on the page so that you only see adds every few minutes, instead of constantly.

Cookies are a tool. They can be used for cool things, or crappy things.

-Rick

Re:

[thrillseeker]

And it's guys like you who will complain when good websites start closing down due to costs.

They weren't good if they were so overblown with ads that people looked for a way to block them.

Here's how I decided which sites to block: if it blinks, wiggles, crawls, changes, beeps, flashes or otherwise irritates my eyes in the way my old dog does when he finishes off my bean burrito, then I block ads at that site, and from those ad servers.

Re:

[__aaclcg7560]

I think because most how-to books show how to create a cookie as a neat trick that can be done instead of how cookies should be used sparingly for legitimate uses.

Re:The summary is an understatement.

[TodMinuit]

What ever happened to sane usage of cookies where they'd only be set if you did something on the site that initiated a cookie transfer (e.g. logging in, starting a shopping cart, storing your preferences)?

Oh man, remember those good old days? Before every site was covered in AdSense. When MySpace was the glimmer in some nerds eye. Before every moron lip-synced horrible songs on YouTube. When email was used for communication. When people actually used correct English. When Pluto was still a planet.

I remember!!! Flobble-de-flee!

Re:

[poot_rootbeer]

What ever happened to sane usage of cookies where they'd only be set if you did something on the site that initiated a cookie transfer (e.g. logging in, starting a shopping cart, storing your preferences)?

That was before the bean-counters discovered that if you pass a cookie on every page request, you can track a single user's movement through the site with far greater accuracy than based off of IP address.

Re:

[tomjen]

I have a solution - Firefox allows you to make all cookies temporary, so they are gone next time you restart the browser. Much more easy that way.

Re:

[Greyfox]

There are several Firefox extensions to manage cookies. The one I use accepts cookies by default for the session and then deletes them. You can also allow specific sites to have cookies for longer. Alternately browse to the sites you want to keep cookies from and then set your cookie file read-only (I believe you can even do this in Windows.) The cookies will be accepted and then quietly droppd on the floor when you close your browser. I guess you're out of luck if you keep your browser open all the time...

Re:

[frdmfghtr]

Is this really an area we need more laws about? The dangers of cookies have been overblown for a long time. Not to mention that fact that all browsers give the user more than adequate control over their cookies.

Try browsing with cookies on an "ask me every time" sort of basis. Even the most unlikely websites will demand a cookie. What ever happened to sane usage of cookies where they'd only be set if you did something on the site that initiated a cookie transfer (e.g. logging in, starting a shopping cart,

Re:

[neoform]

I agree, cookies are nice but most sites overdo it.

IMO, each site only really needs 1 cookie, if you're using more than your treating your client as a dump for data that should instead be stored on your server.

Re:

[sillybilly]

I browse with mozilla, edit/preferences/privacy-security/cookies/accept cookies for current session only, and everytime I close the browser all the cookies are purged.. Have to use password manager to store a lot of nonsensitive passwords like slashdot - I always take the time to manually type important ones like webmail/ebay/financial stuff, problem is I forget passwords and I lost access to like my ebay account because I haven't logged in for like 2 years for a while, then when I needed to do some busines

Oh criminy

[A nonymous Coward]

Just disable cookies in the browser by default. Or make them session cookies, that's a good enough second best.

What's the government supposed to do next, make it illegal for anyone to download a virus?

Honestly, some people won't be satisfied until the government publishes a 500 page manual on how to wipe your ass and makes it illegal to do it in any other way.

Re:

[InsaneProcessor]

The FCC has no business here. This is the Internet not US airwaves. They need to all go home and bake some.

Re:

[peragrin]

Um In NY there is a law on what positions you can have sex in.

I don't think it's ever been enforced though.

They might of finally removed it though. they were cleaning up the books on some stupid laws like that.

Re:

[brunascle]

Um In NY there is a law on what positions you can have sex in.

i think that was struck down nationally a few years ago. it has something to do with it being prejudiced based on sexual-orientation. IIRC.

Re:

[AceCaseOR]

Mod parent up - punny.

Re:

[fm6]

Actually, that particular law probably got struck down by a recent Supreme Court decision, but you're wrong in believing that nobody ever got arrested for violating it. People got charged with "sodomy" (which includes gay sex, but also a lot of "unnatural" heterosexual stuff) all the time. Usually it was in connection with another crime, such as rape or sexual battery. But it was not unknown for police to bust into a house on some pretext, and "while I was searching for contraband, I observed two individual

Re:Oh criminy

[ajs]

No, you're hyperbolizing. Some people (myself included) won't be happy until the government sets limits on how personal information can be used by corporations. I don't like the fact, for example, that my mother's phone company shares personal information with her Internet provider who then buys information derived from cookies to develop a package that allows telemarketers to target her based on what Web sites she uses. This is not what the Internet is there for, and I personally want a stop put to it. Limiting abuse of cookies (especially cross-site hand-offs that are used specifically to track broad activity across disconnected sites) would be a good first step, and one that should have happened years ago when certain companies which NDAs prevent me from naming (not related to my current company, thankfully) started the practice.

Re:

[kwerle]

No, you're hyperbolizing. Some people (myself included) won't be happy until the government sets limits on how personal information can be used by corporations. I don't like the fact, for example, that my mother's phone company shares personal information with her Internet provider who then buys information derived from cookies to develop a package that allows telemarketers to target her based on what Web sites she uses.

I had to look it up, just to be sure:
hyperbolize: overstate: to enlarge beyond bounds o

Re:

[ajs]

None of these are "personal information." At no point was your mother's hair color revealed.

It was if she was shopping for hair dye. It was if she was a frequent poster to the "blondes have more fun after 50" message boards.

But that's not interesting. What's interesting is that she usually follows links that talk about hair, or that she spends over $50 only on sites that have distinctly senior-citizen pitch. This requires examination of her behavior in a larger context.

That information, when tied to a telep

Re:

[kwerle]

It was if she was shopping for hair dye. It was if she was a frequent poster to the "blondes have more fun after 50" message boards.

No, the only information that is available is where your mom likes to hang out.

That information, when tied to a telephone number by your phone company, through records from your ISP are invaluable

Make up your mind. Either it is valueable and can be bought and sold - just like any normal information, or it is too valuable to be bought and sold.

It's usually companies that offer

Re:

[hairpinblue]

> What's worse is the fact that it's usually not those companies that you KNOW you're interacting with that hand out this information (though it's only slightly less distasteful when it is)

Several years ago I conducted an experiment with this. My official address, as per the post office, was "200M Pinewood Drive". When filling out applications for bank accounts, insurance, ordering things online, etc., I would often mix and match with things like "200 Pinewood Unit M" or "200M Pinewood" or "200 Pinewoo

Re:

[ajs]

You are correct... in part. Based on my experience, I would suggest that the only difference is that the online services are more sophisticated about address uniformity. They typically license software that can take any address and normalize it down to a canonical representation. What's more, they're likey comparing this to information that they get from several sources.

Good try, though ;)

PS: Yeah, I did this too. Worked out nicely since, for a decade or so, I could reliably throw out any mail that had an "

Re:Oh criminy BAN double-click...

[davidsyes]

this is why I ban double-click. As I gather, they once were a paper mail-order catalog type of company, peddling Sears and Penny's and Wards and such type stuff. Then, along came the computer and the Internets and then the cookies. Somewhere in this, a smarter portion of government told double-dick they couldn't amass the ELECTRONIC on-line ordering and compile and combine it with the paper catalog information they'd been amassing for decades.

Now, every damn where there's x10, doubleclick, icc.intelliserv,

Re:

[non]

and most businesses will do whatever they can get away with in the pursuit of profit, whether its legal, moral, ethical, or not. futhermore, most are also in favor of more legislation regarding criminal offenses, while at the same time vigorously resisting any attempt at control over themselves.

its only to be expected, surely, but the level of hypocrisy is about to go off the scale. if it takes government legislation to control their behavior because they can't, or won't, control it themselves, then thats w

Re:

[A nonymous Coward]

Cookies have nothing to do with your complaint. You are upset, as I am, about companies trading my personal info, such as what I bought, how much I owe, what kind of car I drive ... but cookies are an entirely different kettle of fish.

Cookies track web sessions. you can disable them entirely at your own control. The only control companies have over yoru cookies is to refuse to do web business with you unless they can set a cookie, and if you only allow session cookies, they have nothing to tie one sessio

Re:Oh criminy

[kenj0418]

Honestly, some people won't be satisfied until the government publishes a 500 page manual on how to wipe your ass and makes it illegal to do it in any other way.

I wouldn't mind if the government gave me a 500 page manual for wiping my ass. As long as the pages were soft - that is.

Re:

[SeaFox]

Honestly, some people won't be satisfied until the government publishes a 500 page manual on how to wipe your ass and makes it illegal to do it in any other way.

Dear FCC, I just wanted to write and congratulate you on a job well done with your recent endeavor. Sir, I am seated in the smallest room of my house. I have your manual in front of me. Soon it will be behind me. Thank you.

--SeaFox

Re:

[davidsyes]

Oh GOOD. IF the paper is soft or softenable, I could go about a year without buying TP. Government paperwork reduction act. Yeh, my ACT of REDUCing the PAPER to WORK for my ass...

(Hmmm... but, is the ink toxic when wet?)

(captcha: legume)

More laws != good laws

[daeg]

Laws don't always correct things. This isn't something you can legislate. The sheer number of exceptions would make this law more complicated than anyone could follow or enforce.

Don't like cookies? Don't visit the sites that use them.

Re:More laws != good laws

[KokorHekkus]

Sweden has had a law mandating full disclosure of how cookies are used since 2003. In practice this means there's a small notification to a static page on how they use cookies. So it's not exactly an undue burden for a website. Having a lot of exceptions would make this complicated? Then don't have any... we don't in Sweden. Nothing has crumbled and died here yet.

Re:

[$1uck]

And what exactly does this law enforce? Sites only hosted in Sweden? Sites being viewed by swedish people? What good is such a law? How does Sweden enforce it? What if a company lies on their notification? who is going to catch it?

I fail to see how such a law is very useful.

Re:

[grossvogel]

Absolutely.
For an example, look at spam. We already have a perfectly good law [wikipedia.org] outlawing spam, but it's not being enforced. Maybe they should figure out that one before passing another, less enforceable law targeting a much less serious problem.

Re:

[Peter Trepan]

Laws don't always correct things

Sure, they do. They correct the perception that congressmen don't do anything to deserve their paychecks.

Re:

[camg188]

Yes, it would be another useless law. Last time I checked, Firefox can control what cookies you get. Tool:Options:Privacy:Cookies:Exceptions. If you want to control cookies, just block all cookies and use the exceptions list to accept the ones you want. Quit making laws about crap the doesn't matter.

Re:

[Dunbal]

Yes, it would be another useless law.

      (raises pitchfork in an up and down motion)

      Yarr, I agree. What we need is a law against useless laws!

      (more pitchfork waving)

Re:

[TheRealFixer]

Don't like cookies? Don't visit the sites that use them.


Ah yes, the sites that use them. Otherwise known as, the Internet.

Re:

[daeg]

Almost every site (other than ones you need to log into) can be viewed just fine without cookies. All browsers give you options to block cookies.

It'd be a different story if browser developers were in league with advertisers to force browsers to accept all cookies and to easily share them between websites. If that were the case, I could see Congress taking issue with it, as well as the courts.

Get some new material

[jfengel]

Is there any thing we can do about cookie pun abuse?

Thanks, Business Week. I've never heard any of those before. Perhaps you can stick in a few "roadkill on the information superhighway" gags while you're at it.

Re:

[Dunbal]

Is there any thing we can do about cookie pun abuse?

      Keeping those cookie puns hot and fresh in the oven, instead of cutting them out, ensures that lazy journalists can keep rolling in the dough.

International

[toetagger1]

So this, like many other toppics like this, raises the question:
The FCC only has so much juresdiction. Would this apply to webpages that are hosted in the US? How about webpages that are being viewed in the US? Or what if they are hosted and vewed outside the US, but go through some wire in the US (or even worse, some satelite above the US...)
Of course, you could always regulate businesses and the way they do business in the US, but that shouldn't really be the FCCs responsibility. Not to mention that a business on the Net isn't just in the "US", especially if it sells ideas, information, or services, which are non-physical things that don't always cross borders and such.
It'll be interesting how this will play out in the next couple of years.

Re:

[EvilMoose]

The website says FTC. The slashdot post says FCC.
Harhar, I just nullified your +4 Insightful comment. I wonder, will this give me a +troll?

FTC, not FCC

[Bastian227]

I think a better question is: does the FTC have jurisdiction? The article as I see it says "Federal Trade Commission".

Re:

[arbitraryaardvark]

Mod parent up.
In looking at the slashdot blurb, I wondered if the editors had screwed up that badly, writing FCC, when it sounded more like an FTC scam, so I checked and yeah it's FTC.
I must be new here.

Re:

[MacWiz]

Not trying to pick on toetagger1 or anything, because SpencerOgden, Preacher Tom and SkuttleMonkey are all right along with you on this. Not to mention anyone who modded this "insightful."

RTFA

It's about the FTC not the FCC.

Oh ffs...

[djcondor]

When will our government learn that you can't legislate intelligence.

Hell, our population already proved we can't elect it, now mod me up for taking a crack at the President.

Re:

[Opportunist]

When will our government learn that you can't legislate intelligence.

Hmm... maybe when some intelligence enters the government?

2 questions

[Lord Dreamshaper]

I set my browser to "Ask me everytime" On rare occasions, I need to allow cookies that I'd previously blocked. Problem is that my block list is hundreds deep and the names aren't always obvious. How do I find the one cookie permission I need to reset, short of erasing all permissions and starting over again? Along those lines, when I do allow cookies to keep me logged into a website, for example, how do I tell which cookies from that website are needed to keep me logged in and which ones are unnecessary (t

Re:

[Lord Dreamshaper]

But if you're going to buy from Amazon (for instance), you're going to have to suck it up and accept their cookies to use the shopping cart.

Exactly. I agree to use their cookies to enable the shopping cart. I'll even accept that the cookies then allow Amazon to make better suggestions for the next book I purchase. That does not mean I agree to allow someone else to profile me because Amazon sold the information, in specific or in aggregate.

Don't patronise the website? Well damn, I'd have to stop using t

Cookie Invasion!

[thewiz]

I, for one, welcome our new cookie overlords!
All hail Cookie Monster!

Re:

[ajs318]

"Discothèque" is actually French for "record library".

Re:

[Dunbal]

If "disco" means "I learn" in Latin, does "discothèque" mean "I learn technology"?

      Riiight. And "Alexander" is actually the guy who doesn't read - "A"= not, "Lex" = read, Ander from "andros" = man.

      Fun with greek and latin roots, part 2.

Re:

[account_deleted]

Comment removed based on user account deletion

FCC Mandate

[paulthomas]

The internet is beyond the congressionally approved reach of the FCC as it was created. Not to mention that people can (and do) selectively block and delete cookies. I know a number of average joes who know what cookies are and periodically go clear them out.

One accepts a cookie. It is not forced.

Re:

[sulliva]

"The internet is beyond the congressionally approved reach of the FCC as it was created." They don't seem to think so... See the UIGEA (Unlawful Internet Gambling Enforcement Act) tacked onto the Port Security Bill signed last month.

They have time for this on top of everything else?

[Kenja]

I thought the FCC spent all its time breakign the 1st amendment. Guess they're getting enough money from unconstitutional fines that they can hire more people.

Firefox + Cookie Culler extension = easy fix

[Anonymous Coward]

With Cookie Culler, you can choose the specific cookies to always keep and delete the rest every time you close your browser.

cookie problem

[ajs318]

It's up to users to fight back. I have configured Firefox to ask me about cookies every time one is offered. If I see the dreaded __utma or RMID, I will block all cookies from that site. Others I will accept for the session only. I don't mind the odd PHPSESSID (even had one of them from a site pretending to be .asp once -- wonder if that was done for legacy compatibility reasons [keep the old filename even after upgrading to a better server platform] or by some smart IT bods getting paid to develop a site for a Microsoft server, then hosting it on a proper one and pocketing the money?)

If you're smart, you won't be tracked by cookies. But I've seen scary stackloads of cookies on machines running Microsoft crap. Come to think of it, even Firefox accepts all cookies by default.

Making browsers default to a safer cookie setting (disabled, or session-only) would be a step in the right direction, and so would simply outlawing data-mining (not that I expect anyone would take any notice of such a ban); but ultimately, it's still no substitute for users having some smarts.

Re:

[mcwop]

Agree. The user has control. No government regs required. Keep the government as far away from net regulations as possible.

Enough already

[pianowow]

Enough with the eating puns!

FTA: "...sweet tooth for cookies...a bad aftertaste...force fed in large quantities...on a diet." I think I'm going to be sick.

Hypocritical?

[Admiral Frosty]

Goverments *coughUKcough* just love keeping information far more sensitive then this about their citizens. Are they just upset about someone else cutting in on their game?

word plays

[Zashi]

I can't stomach any more food related word plays.

D'oh!

Re:

[Dunbal]

I can't stomach any more food related word plays.

      Heh, never become a pathologist. My adventures through Pathology at med school taught me that they are sick bastards - almost every disease has a food related description, from "nutmeg livers" to "bread and butter" hearts, etc. Incredible. At least with computers you're not holding Mrs. Jones' kidneys in your hands when you talk about food! :)

Under the Radar

[Anonymous Coward]

If you use the Flash Plugin make sure you set the
local storage settings to 0 KB.

(Right click a flash banner and select "Settings..")

You can set cookies in Flash and it doesn't get deactivated
when you turn off cookies in your browser.

Advertisers haven't really started fully utilizing Flash's
ability to store data in a local sandbox, but don't worry they will.
And it goes completely underneath the browser cookie control radar!
There is so much flash content these days (banners, video) it is
bound to be exploited

The FCC won't let us be.

[Opportunist]

Either they're sticking their noses in things they have no business to nose in, or they're trying to come up with some unenforcable regulations. Could anyone tell me how this should be enforced?

Cookies are used for a lot of things. Keeping track of shopcarts, tracking client movement across pages so pages can be made more user friendly or guide you back where you come from, etc. Which of the thousands of applications of cookies are going to be deemed "good"?

Now, let's assume they come up with something. Wha

What you give them...

[singularity]

Cookies should only be able to store data you give a company. A cookie is not going through your computer and associate your cookie with your name, email address, credit card number, sexual proclivity, and so on.

Now you can say that prevalent advertisers like doubleclick can make inferences based on what sites you go to that they serve ads for. This is one reason that I block anything to/from doubleclick. The fact that this also has the advantage of eliminating several ads as I browse the web? Outstanding. I fail to see how this should suddenly become illegal for doubleclick to do.

So then you can argue "Yeah, but if you sign up with the website, or make a purchase, they can associate a cookie with all the information they gave you!" Yes, and so can any brick-and-morter who wants to track purchases made with the same credit card. Or grocery stores that give you "Discount Cards" that require a name, address, and phone number. Use that discount card once with a credit card and they have even more information on you.

So I fail to see how data acquired through cookies is so bad we need laws "protecting" us. Any privacy nut is going to be willing to either block cookies from certain sites or just make them session-long. Anyone else is running with about the same loss of privacy that comes with using a credit card anyway.

If you do not want online companies to know who you are (and therefore track you), then do not give out information.

So we won't see any more of this

[Tarlus]

It was as if thousands of Oreos cried out in terror, and were suddenly silenced...

</obligatory cliche>

I'm appalled

[not already in use]

The FCC shouldn't be wasting time on this. We have yet to find out who stole the cookie from the cookie jar. Who me? Couldn't be. Then who?

Metaphor Exhaustion

[Protonk]

At what point is it too much to bear the oblique references (well, not that oblique) to cookies, diets, etc? I know kitchy metaphors are the stock in trade (there's another one) of the lazy newspaperman, but it's aggrivating that the online world bear so many more of them.

Information superhighway, chip on his shoulder, etc.

argh

Re:

[account_deleted]

Comment removed based on user account deletion

Cookies do not "embed themselves."

[Sloppy]

those tiny files that embed themselves on a PC and keep tabs on what Web sites are visited on which machines.

Cookies are passive content; they do not have the capapbility of doing anything. Web Browsers are what make the decision to download and store this purely optional advisory-only information.

If the cookie is not actively deleted or blocked by the Web surfer, it remains active on the computer for what could amount to years.

Again, you are describing a behavior of web browsers (and probably not all web browsers), not cookies.

I have always held that the software that I run, is my agent. If I run a web browser that essentially tells a web server what other pages I have visited, then by running that software, I have opted in. I guess the issue is that most computer users are not really aware of what they are running and what actions their agents are taking on their behalf, so they see the lack of making conscious decisions as "not opting out" rather than "opting in." I understand this and have some sympathy for this viewpoint, but it ultimately is technically incorrect, an illusion. I don't think you can't redefine the terms "opt out" and "opt in" to mean things they don't really mean, without having some undesirable consequences down the road.

The problem we face, is that we make unconscious or uninformed decisions, but that doesn't mean we aren't making those decisions; it merely means we're doing it poorly. I would much rather that users learn more about how their web browsers work and what the privacy risks are, than for new laws to be passed that micromanage what a web server admin is required to do, should their server be configured to send a certain header. It is ridiculous to have laws and regulations that get down to such detailed, technical levels, and I think that sort of thing is how we have managed to turn ourselves into a "lawyer society" where the law is so huge and complex that a layman is simply unable to know what the law is without expensive help from a specialist.

What Cookie Abuse?

[RAMMS+EIN]

Cookie abuse? What cookie abuse? Oh, you mean loads of websites setting loads of cookies in your browser, which worked last century, before browsers allowed users to set policies for cookies.

You know why they did it?

[Churla]

They did it all for the cookie
yeah
The cookie
yeah
The cookie

OKOKOK.. I'll stop.

Seriously, Organizations need to realize that pulling the US government into anything to get something regulated is almost always analogous to using nuclear weapons and lawyers. You only use them when you know both sides will lose, but you want to make sure your enemy is screwed just as badly.

7 years ago called

[Trails]

it wants its emerging privacy risk back.

I hate cookies

[MeanderingMind]

I've browsed the internet with my ever changing browser of choice set to ask me about any and all cookies for years now. The number of cookies per site has been very steadily and rapidly increasing since their conception.

I hate it.

Back when they first appeared, they were there to help us maintain our logins through the website, not lose our shipping carts etc. It wasn't bad, it made sense. I was willing to let websites store my username and password so that I didn't have to keep logging back in constantly.

Honestly, I don't even see why we have cookies anymore. There should be far better ways to maintain a persistant login by now. Ways which don't threaten our privacy, or provide a medium for the same bastards that invented pop-ups and pop-unders to destroy common decency.

The first time I visit any website I am bombarded by cookies. This isn't just one cookie, this is as many as seven from a single page. Why in the name of Linux Torvalds do these sites need seven cookies to function? Clicking the next page bombards me again, and will keep bombarding me until I get through all 255 or more ad3.adserve.cookies.net like services. Only then can I finally visit the website in peace, until next month when a new advertiser joins the loop.

So now my cookie accept/block list is the size of New York's phone book. Heaven forbid in that barrage of cookies there was actually an important one. With all the obscure names they're given it's impossible to tell until you can't maintain your login. Now I get to play the age old 'Find the needle in the haystack' game, new millenium version.

This is beyond sanity. I don't know if the FCC has the right or the ability to do something about this, but something should be done. I don't have any idea what. Boycotting pages with cookies means 99.9% of the internet is off limits.

Re:

[Knara]

You could just have your browser set to wipe cookies when you log out (I'm pretty sure FF has this ability, if not natively, then surely with an extension). Or, if you're a windows user, set up a little logout script that deletes your cookie folder when you logout/reboot (or, set a chron job that deletes your cookies once per your preferred time period... or, set permissions on the cookie folder so that nothing can write to it).

Granted, this doesn't fix the "which one lets me preserve my log in" problem,

Re:

[Chris Brewer]

FF will allow you to set a rule for an entire domain, e.g. sitemeter.com - you'll need to do this manually in the Exceptions panel.

There needs to be an option on the Ask dialog for 'Use this choice for all cookies from this _Domain_'...

Re:

[evilviper]

So now my cookie accept/block list is the size of New York's phone book. Heaven forbid in that barrage of cookies there was actually an important one. With all the obscure names they're given it's impossible to tell until you can't maintain your login.

Set cookies to be per-session, block banner ads, and then only white-list cookies from a few sites.

Hell, I can handle logging-in to most sites when I need them, so I only have 3 on my exceptions list.

How About Government Mandated Computer Education

[zentec]

Instead of laws on cookies, how about laws requiring basic education on how to run the computer and web browser? Or maybe simply strong-arming Microsoft into deleting cookies upon exit of the browser.

In the meantime, what could be simpler than using Firefox, telling it to accept all cookies and then setting the drop-down to "delete when I close Firefox"? Really. Works like a champ and I wish them luck in tracking me with my ever changing IP.

Are fingers pointing at...

[dthree]

...TV's leading expert, [wikipedia.org] who said in a recent interview "Me abuse cookies? No way! See? [pbskids.org] (Hey, you know where me can get some biscotti? C'mon, help a monster out. Just this once. Me can stop any time me wants.)"

wtf

[Thaelon]

What jurisdiction does the FCC have over the internet?

If users are not tech savvy enough to use Firefox & Permit Cookies [mozilla.org], then they get exactly as much protection as they deserve. Cookies aren't the problem, stupid users are.

Here's where I go slightly off topic. Stop reading if you want.

I accept that advertisers are scum and will do whatever they can to make money off of me, so I fight back. I use Firefox [mozilla.com], Permit Cookies [mozilla.org], Flashblock [mozilla.org], Adblock Plus [mozilla.org], and Filterset.G Updater [mozilla.org].

I no longer have cable (tv) -

Re:

[Beardo the Bearded]

Thanks for the tip. Pity it's required on FF2.