Forgot your password?
typodupeerror
Government EU Privacy The Internet Your Rights Online

Sweden May Mandate Opt-in For Cookie Transfer 115

Posted by timothy
from the cookie-monster-swedish-chef dept.
Vitdom writes "The present government in Sweden has published a proposition regarding 'Better rules for electronic communication.' Amongst other proposed amendments, it suggests that websites must inform the user of the 'purpose' regarding each individual cookie transferred to the user's browser upon connection. Secondly, it is suggested that the user must give his consent before the transfer of the cookie in question. The proposition is to be voted by the Swedish parliament on the 18 May this year. If accepted, the law will be in effect in June."
This discussion has been archived. No new comments can be posted.

Sweden May Mandate Opt-in For Cookie Transfer

Comments Filter:
  • by VortexCortex (1117377) <VortexCortex@Nos ... t-retrograde.com> on Sunday May 01, 2011 @03:04AM (#35989284)

    Consent is implied by each individual user's web browser. Cookie Censorship need not apply, we already have the tools to manage our own cookie states (visitor discretion is not just advised, it's mandatory).

    Much like the way no one can force you to visit their website, websites can not force your browser to accept a cookie -- And, last time I checked both IE & Firefox by default alerted me that a website was requesting to set a cookie, and the default action was to "[x] remember my decision" -- I opted to not have to answer yes each time, and instead opted to set my cookies to be cleared on each exit...

    I am in no way prevented from disallowing all cookies... I remember writing web login systems before cookies were widespread -- URL MUNGING -- UHG! Hell, we even used the HTTP-REFERER (sic) header to transfer logins across domains (it contains your last visited URL -- the one before the current page request).

    While I do like to know what the little opaque tokens are being used for, there is no reason to mandate their purposes be posted somewhere. Cookies are DESIGNED to track some user specific state information. Cookies track users. End Of Discussion. We know what they are for! Guess what else tracks users? Their IP ADDRESS; This, combined with URL munging == cookies. Netscape just wanted a formalized and more flexible way to do things...

    I can imagine requiring a user to click yet another security dialog each time I add a bit of info or change the way a cookie operates -- To get around this one or both of the following WILL occur:

    1. URL Munging, CSS style color hacks, and other tricks (like decoding a cached .PNG with client side JS) will be used instead of cookies for more user state preservation purposes.

    2. The users will be given a "[x] Remember my decision" option, and we're right back to where we are now!

    Ignorant fools -- When will we mandate that you must pass a technology test before voting for or against said technology related laws? EG: Score a 100% on the "Web Cookie" tech test, and you're fully qualified to vote -- score a 25% and your vote would be worth 25% of a vote since you don't know shit about what you're voting for or against....

    Until then we'll keep having people who don't know shit pass ignorant laws based on "feelings" instead of "facts".

  • Age of consent (Score:5, Interesting)

    by Alain Williams (2972) <addw@phcomp.co.uk> on Sunday May 01, 2011 @03:09AM (#35989304) Homepage

    Next comes the meme:

    1. Agreeing to accept a cookie is a legal agreement
    2. You can't enter a legal agreement until you are 18
    3. Ergo: you can't surf the web until you are 18

    Hmmmm ....

  • by Anonymous Coward on Sunday May 01, 2011 @03:27AM (#35989356)

    A few minutes ago I was wondering if it would be possible to chop a file into lots of tiny snippets and distribute them across millions of PCs as browser cookies ... ? I think it would be a great way to make the web rethink the cookie policy.

  • by Calydor (739835) on Sunday May 01, 2011 @05:33AM (#35989674)

    And if you say no you won't get a cookie remembering that you've said no, so on the next page you get a pop-up asking if you want the cookie, right up until people give up and just accept the cookie.

  • by Anonymous Coward on Sunday May 01, 2011 @07:52AM (#35990092)

    I use nginx and drupal in the USA.
    my nginx has it turned off cause I didn't add the module ngx_http_userid_module.
    drupal does use a PHPSESSION cookie though.
    In an effort to be nice to Sweden (where my favorite death metal music comes from) and to help fellow nginx+drupalers in Sweden
    I am wondering...

    What exactly do I say to satisfy Sweden's new law?
    I am thinking right now it would be, this site uses cookies, I think because of drupal, but I don't really know the fuck why. It certainly isn't for profit, or tracking, or fucking with you, as you can see my site has no products, or advertisements. If you don't like that, the get on down the road bitch.

    What language do I say it in? Is English okay?

    Where do I say it? I don't want java, javascript, and extra flash or an ugly link on my artistic website
    Is there a standard location like robots.txt where a website can put this shizzle without fucking up the operation of teh websites?

    Please don't mark this down into troll-ville. I am being serious.

"If that makes any sense to you, you have a big problem." -- C. Durance, Computer Science 234

Working...