

Why the EU Cookie Law is wrong. - Hunterhdolan
http://blog.madebyhd.us/post/21471343305/why-the-eu-cookie-law-is-wrong

======
Wilya
The bit about talking to browser vendors is kind of off the track.

Microsoft would be against, but Google would be happy to oblige ? Seriously ?
Google Analytics is probably the most widespread user of tracking cookies out
there.

Besides, while I agree that this regulation is very weird, and very hard to
justify, saying that it is about governments controlling the web and reducing
free speech is something I don't really agree about. By saying that, you put
this legislation in the same category as SOPA and friends, which are very
different beasts.

Namely, SOPA and related regulations are about the content, while this is
about technicalities. This doesn't impose any restrictions on the users, it
forces websites to do things differently. Maybe it will put a charge on
website creators, but it won't restrict anything. Plus, SOPA is about
protecting the rights of non-internet companies, while the Cookie Law is about
protecting users against internet companies.

Yes, it's misguided. But, for once, it takes the side of users, and not the
side of companies.

------
spjwebster
> _First problem being cookies have been obsolete for a few years now. With
> the recent developments in new storage mechanisms like Local Storage,
> cookies are no longer needed anymore. Local storage has even implemented in
> every modern browser (and IE8+). What does this mean? Well it’s simple… If
> you don’t update your browser, some of your favorite sites aren’t going to
> work._

Okay, one more time: neither EU Directive 2009/136/EC [1] nor the local laws
that implement that directive are specific to cookies. They are worded such
that they apply to all mechanisms that involve storage on the client.

Take, for example, the UK Privacy and Electronic Communications Regulations.
Regulation 6 of the Privacy and Electronic Communications Regulations 2003
(PECR) [2], after applying the 2011 amendment [3] that includes the changes
necessitated by Directive 2009/136/EC, reads:

    
    
        (1) Subject to paragraph (4), a person shall not store or gain access to 
            information stored, in the terminal equipment of a subscriber or user
            unless the requirements of paragraph (2) are met.
        
        (2) The requirements are that the subscriber or user of that terminal 
            equipment-
    
            (a) is provided with clear and comprehensive information about the 
                purposes of the storage of, or access to, that information; and
                
            (b) has given his or her consent.
    
        (3) Where an electronic communications network is used by the same person to 
            store or access information in the terminal equipment of a subscriber or
            user on more than one occasion, it is sufficient for the purposes of
            this regulation that the requirements of paragraph (2) are met in
            respect of the initial use.
    
        (3A) For the purposes of paragraph (2), consent may be signified by a 
             subscriber who amends or sets controls on the internet browser which 
             the subscriber uses or by using another application or programme to 
             signify consent.
    
        (4) Paragraph (1) shall not apply to the technical storage of, or access to, 
            information—
    
            (a) for the sole purpose of carrying out the transmission of a
                communication over an electronic communications network; or
    
            (b) where such storage or access is strictly necessary for the provision 
                of an information society service requested by the subscriber or user.
    

No mention of cookies, and "information stored, in the terminal equipment of a
subscriber or user" would seem to apply to solutions that use HTML5 local
storage, ETag headers, Flash LocalSharedObjects or any other similar
technologies.

[1]: [http://eur-
lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2...](http://eur-
lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2009:337:0011:01:en:HTML)

[2]: <http://www.legislation.gov.uk/uksi/2003/2426/contents/made>

[3]: <http://www.legislation.gov.uk/uksi/2011/1208/contents/made>

------
rollypolly

      With the recent developments in new storage mechanisms
      like Local Storage, cookies are no longer needed anymore.
    

...

    
    
      If you don’t update your browser, some of your favorite
      sites aren’t going to work.
      
      Second problem here is the fact that it only affects
      countries in the EU.
    

Coming soon: Firefox EU Edition?

~~~
based2
> <https://addons.mozilla.org/fr/firefox/addon/ghostery/>

Protect your privacy. See who's tracking your web browsing and block them with
Ghostery.

