undefined | Better HN

0 pointsfnordpiglet3y ago0 comments

GDPR doesn’t say anything really about cookies, actually. I think you meant ePrivacy.

Fact is most popups inform you about cookie use but don’t give you an option to do jack. And what makes you believe they’re ePrivacy compliant? I’ll bet you 90% of those sites, even when well intentioned, pollute you with tracking cookies anyways.

Edit: by the way no modern website uses cookies to maintain your shopping cart, and instead of relying on a persistent credential cookie, you could just use a password manager to expedite login and be more secure overall. Finally, “private” mode on most browsers contains cookies to short lived session cookies within the tab lifespan.

0 comments

3 comments · 1 top-level

mort963y ago· 2 in thread

> GDPR doesn’t say anything really about cookies, actually. I think you meant ePrivacy.

I meant GDPR. It's the reason why websites have to get consent if they want to track you. I believe you're right that it doesn't mention cookies though, I don't believe it cares about what technology is used for tracking.

> Edit: by the way no modern website uses cookies to maintain your shopping cart, and instead of relying on a persistent credential cookie

That's what I meant. You store some unique ID on the client in a cookie, then you have a shopping cart database on the back-end. I didn't mean to imply that the cart items are stored in the cookie, just to distinguish the persistent shopping cart use-case from the logging in to a user account use-case.

> you could just use a password manager to expedite login and be more secure overall.

I do this. I still want to be logged in for a while.

> Finally, “private” mode on most browsers contains cookies to short lived session cookies within the tab lifespan.

I know. Would you find it very convenient if your browser always acted as if you were in private mode and didn't keep you logged in for longer than the lifespan of the tab? No? Neither would I.

fnordpigletOP3y ago

No, you’re wrong. It’s ePrivacy. GDPR set the framework, ePrivaxy has largely superseded.

Actually, I do use privacy mode at all times. The only hindrance is the need to recredential. I have a password manager that auto fills those forms in. It works great, and is better security overall. My cookies database shouldn’t be equivalent to a password file, and I don’t carry around a pile of spammy cookies handing them out to every invasive spy company, hoping an obnoxious pop up mandated by an ineffective regulation will shield me. I use computer science, which always works, rather than political science, which is just a degree for folks who like to drink too much.

mort963y ago

I'm happy you're happy with your workaround.

j / k navigate · click thread line to collapse