Forum OpenACS Q&A: C is for cookie...

12: C is for cookie... (response to 1)
Posted by Todd Gillespie on
Joe Harrington said:
Whenever I enable cookies, I get a .netscape/cookies file full of and others who have on several occasions been cited for using these cookies to build and sell consumer databases that are a gross violation of privacy. *You* may use cookies responsibly, but some others don't.
As a user, I recommend you block doubleclick and any other abusers. (There are some handy tools to filter them at your machine; I just killed them at the router). As a developer, you might want to lend a hand at Mozilla to add (or re-add) cookie filters to Mozilla (or Galeon, which runs rather than walks). As a web developer, if people are not using your service b/c of cookie fear, perhaps you should examine your 'pull' content. "Is it worth risking cookie danger?"

Until the "technology" of cookies includes sufficient control on the client end, your responsible use of cookies on your particular site (and I do laud you for it) doesn't protect us from abuse by others.
Let me see if I get this -- until someone hacks together a collaborated 'cookie blacklist', auto-import into browsers, and site-by-site filtering (already there).... the use of cookies on ACS doesn't protect us from I'm confused (did I miss that ACS module?) -- perhaps you could clarify.
Given the fact that Germany and other nations are implementing legal responses to the privacy-abuse opportunity presented by the current cookie technology,
What legal difference is there between privacy invasion by cookie or privacy invasion by session tracking via {URL manipulation, navigation tricks, etc}. Even if said laws specifically say 'session tracking via cookies' any judge worth his/her salt would rule session tracking by other means as being under the same law (more probably, strike the law as ambiguous; sending it back to the legislature to fix/expand it).

I'm not (yet) a web guru
How many gurus can a field have? Isn't guruship determined by rarity?