Ask HN: Someone have gotten troubles for not show “We use cookies, Ok?” message?

I've always wondered why these cookie warnings are required to be displayed at the website level, with large, sweeping changes, and not the browser level. That seems much smaller, just as visible, and easier to enforce.

shakna · 9 years ago

Because it's not about cookies.

The law is explicitly about 3rd party cookies, something that is harder to classify.

The intent of the law was to get website owners to stop leaking data to 3rd parties.

The result was everyone slapping a poorly understood warning label on everything.

hdhzy · 9 years ago

If you're taking about the EU "cookie law" then it is neither about cookies nor about third party data. The summary is you can store data if they support the primary function of your site without the popup. E.g. you have a shop so you can place a cookie to track the cart but not cookies related to tracking what your user looks at. Despite the name the law is generic about data stored on users computer so cookies, local storage, etags, all are covered by that.

blibble · 9 years ago

because the law says so, and the law was written by bureaucrats with no understanding of the industry or of the extremely predictable outcomes of their legislation

aaron695 · 9 years ago

They are it seems -

Cookie banner frustration to be tackled by EU

http://www.bbc.com/news/business-38583001

Theodores · 9 years ago

What do you mean by at the browser level? Should Chrome/IE/Safari 'know' the site uses cookies and show something in the browser as per the https padlock?

As an aside I do find it funny how 'bosses' insist on the cookie notice to make their website official looking.

imron · 9 years ago

> What do you mean by at the browser level? Should Chrome/IE/Safari 'know' the site uses cookies

Absolutely! How else does it know to store the cookie on the user's machine.

apearson · 9 years ago

Didn't IE or some other brower put a cookie in the address bar if cookies were used?

amriksohata · 9 years ago

The cookie law is a symbol of EU red tape that adds no value to citizens. Browser tech is fast moving, there are so many other ways of finger printing a user, from canvas finger printing, session storage and background apps and extensions. The cookie law was invented by some EU non-technocrat that got offended when they found out they were being tracked. The fact is companies are getting away with it in other ways anyway, its a pointless regulation that cost companies thousands to implement across their sites but does nothing for no one.

http://nocookielaw.com/

kayimbo · 9 years ago

Thousands? Message me I'll add 2 sentences of dismissable text for only 1 thousand

Developer here, worked at a ticketing company that had to update various sites with different styling for the popup box. Probably cost us a week or so or more work. Multiply that by tens of thousands of businesses.

p49k · 9 years ago

We have had advertisers/advertising networks refuse to work with us until we added it. I don't know if that counts, but it sure makes it difficult to opt out if you depend on ad revenue.

kenbaylor · 9 years ago

It's from the EU Cookie Directive, updated in 2015: https://www.cookielaw.org/the-cookie-law/

and it's going to get more complicated under GDPR and the ePrivacy directive:

https://www.informationweek.com/big-data/cookie-law-vs-gdpr-...?

GDPR is NOT limited to the EU, but is focused on protecting EU data subjects no matter where they are, so US companies may be affected. Many US companies are signing up for Privacy Shield, which is updated annually, so it will spread beyond the EU in the years to come.

zeta0134 · 9 years ago

LeoPanthera · 9 years ago

It appears not, even this site which is deliberately breaking the law as a protest:

http://nocookielaw.com

GalacticDomin8r · 9 years ago

With Brexit, it seems this protest is largely meaningless.

adventured · 9 years ago

This is the type of law that only starts getting regularly enforced when there's a big headline worthy egregious privacy event that happens, that prompts the authorities to have to posture to save face and pretend they're acting to protect the well-being of the people. Until then, it isn't going to be meaningfully enforced, it's too comically absurd to be worthy of the effort for now. Enforcing it now would be herding cats. To do it properly they'd need a sizable target or three to hammer down upon, to scare everyone else into compliance; those target/s will be connected to the source of said egregious privacy violation, that will be the chain of events.

MiddleEndian · 9 years ago

For those interested, you can use http://prebake.eu/ to get a filter subscription to block cookie banners with your adblocker.

NumberCruncher · 9 years ago

I heared about Germany lawyers being on the hunt for sites breaking the laws like the cookie law. In Germany being sued can get pretty expensive pretty quickly, especielly for small sites. I wouldn't put anything online without a corporate body protecting my private wealth, which can be sued and go bankrupt.

germanier · 9 years ago

Note that in Germany no corporate structure will protect the owner-operator of a small company from personal liability. This is through something called Geschäftsfüherhaftung which explicitly applies to mistakes regarding competition law (which are the legal actions you talk about) the director of the company makes personally.

The correct way to shield oneself from liability in Germany is to have appropriate insurance plus paying a lawyer to continuously check the business for compliance.

Deleted Comment