Now we have left the EU is it time to get rid of the cookie popup monster? - With tip. (1 Viewer)

[Gromett]

When you visit a website no doubt you have all had to deal with multiple popups getting your consent for cookies to be placed.

Today's Telegraph has an article that doesn't really explain them or why they are no longer an issue but asks the political question is it time to get rid of them.

Use our Brexit freedoms to kill the EU’s cookie pop-up monster

The three-year-old directive embodies everything that’s rotten with European regulation in one smackable rectangle

www.telegraph.co.uk

I thought as this is in my ballpark I should perhaps give a little explainer of what they are and how you can stop yourself being tracked by them.

A cookie is a simple file that is placed on your computer by the browser that is linked directly to the domain you just visited. The domain concerned can place data in that cookie to help it provide services to you.
For instance it can store your preferences, do you like a light theme or a dark theme without having to force you to login. It can keep login details so you don't have to login on every page view. And many other services.
Cookies are a fantastic creation that makes the web possible.

HOWEVER.
The website in question can also use third party services like adverts or social media like/share buttons. These are little bits of javascript, the webs programming language that connect to a server on another domain.
That other domain also has the rights to then place a cookie on your computer. This cookie will have a unique id, that is specific to you. Then any other website you visit that also uses this same third party service can access this unique id and say, "Hey we saw you previous on this site, and that site" we now know a little bit about you and target adverts at you. This is how the creepy stuff works.

The reason I thought this explanation post was worthwhile is because for some time now in most browsers you can can disable third party cookies.
For example In chrome go to
settings -> Privacy and Security -> Cookies and other site data -> Block third-party cookies

Here if you change it to Block third-party cookies from Allow all cookies you will no longer be tracked using this method.

Please note, do not use the Block all cookies setting as it will prevent you logging into website and more. It basically breaks the internet for you.

The same goes for firefox and others.

The point being, that the cookies warnings shouldn't even be needed anymore sadly as there is a technical solution. A rule force browser producers to display a preferences box once a year with the key settings to do with privacy and get your permission should be enough.

Hope this helps.

 

[Gromett]

Examples of stuff that install third party cookies.
Live chat services (customer support)
Advert
Analytics (google analytics)
Media Players
Facebook like/share
Embedded twitter boxes
In fact any third party embedded content.

 

[Coolcats]

Most people are not technical and need a prompt or reminder not sure this should be linked to Brexit and reminders should remain.

^{_{Subscribers  do not see these advertisements}}

 

[TDub49]

Maybe the Telegraph is feeling the loss of ad revenue that comes with people rejecting their cookies?

Cookies significantly boost ad revenue for online publishers

According to new research, web cookies significantly increase ad revenue for online publishers. When users 'opt-out' there is a 52% decline in ad revenue.

marketbusinessnews.com

 

[Gromett]

Most people are not technical and need a prompt or reminder not sure this should be linked to Brexit and reminders should remain.

The cookie law is an EU law part of the god awful GDPR.

 

[Gromett]

Maybe the Telegraph is feeling the loss of ad revenue that comes with people rejecting their cookies?

Cookies significantly boost ad revenue for online publishers

According to new research, web cookies significantly increase ad revenue for online publishers. When users 'opt-out' there is a 52% decline in ad revenue.

marketbusinessnews.com

There are other ways to track that ad companies use these days. The cookie law is totally pointless.

Do you think the Telegraph would have allowed an anti cookie law if it felt it would hurt it's ad revenue.
Do you think google would provide the no third party cookie option if it hurt it's ad generating capabilities?

All this cookie law does now is get in the way of browsing to absolutely zero effect.

^{_{Subscribers  do not see these advertisements}}

 

[Gromett]

Maybe the Telegraph is feeling the loss of ad revenue that comes with people rejecting their cookies?

Cookies significantly boost ad revenue for online publishers

According to new research, web cookies significantly increase ad revenue for online publishers. When users 'opt-out' there is a 52% decline in ad revenue.

marketbusinessnews.com

PS: If you aren't aware of it. google this "google FloC"

 

[Coolcats]

The cookie law is an EU law part of the god awful GDPR.

Privacy is a human right Gromett do I and others really want all our details to be hosted in some far flung land.....I don’t think so. It’s bad enough when lax security allows your phone number to escape and start being called by all overseas contact centres. GDPR is trying to protect the individual.

 

[Gromett]

Privacy is a human right Gromett do I and others really want all our details to be hosted in some far flung land.....I don’t think so. It’s bad enough when lax security allows your phone number to escape and start being called by all overseas contact centres. GDPR is trying to protect the individual.

I have no argument with the intent, it is the bureaucratic and overkill nature of the implementation of it I have problems with. As would any right minded person if they had any dealings with it.

^{_{Subscribers  do not see these advertisements}}

 

[Coolcats]

I have no argument with the intent, it is the bureaucratic and overkill nature of the implementation of it I have problems with. As would any right minded person if they had any dealings with it.

Ah I do as does my wife implemented the process for our respective business’s, it’s just process it’s not an EU thing Corporates know how to make processes robust and mear mortals like us wonder what the heck so maybe not overkill and maybe they are a right minded individual someone who looks after Corporate due diligence for example. That’s one job that would draw the life out of most but then again maybe they would not be a person who would work with IT.

 

[Kannon Fodda]

The cookie pop ups are a pain in the wotsit. Most are so badly configured I simply leave the site rather than fight my way through all the options to prevent tracking. Even sites I might frequent and have set the parameters next time you get asked again and then they want to push notifications too. Worst are inevitably the media companies who are desperate to grab any revenue.

 

[Langtoftlad]

Box ticking at its worst.
Unintended consequences of ill thought out legislation.

^{_{Subscribers  do not see these advertisements}}

 

[Larrynwin]

Because it’s such a pain I click accept all and at end of every day I delete cookies.

 

[Larrynwin]

Is this the Cookie ?

 

[Gromett]

Ah I do as does my wife implemented the process for our respective business’s, it’s just process it’s not an EU thing Corporates know how to make processes robust and mear mortals like us wonder what the heck so maybe not overkill and maybe they are a right minded individual someone who looks after Corporate due diligence for example. That’s one job that would draw the life out of most but then again maybe they would not be a person who would work with IT.

It's ok for the big corporates. My views are based on small businesses. We can't afford the specialist or dedicated person to handle all the gotchas. It has had the effect of the small guys leaving the industry and the big guys sucking up the remains.
I am not going to get into a debate on this. I have to deal with GDPR, PCI/DSS and many more bullshit legislation that is designed to improve security and privacy but in actual fact achieves very little apart from pricing the small business out of the market. The same happened with the EU Digital services VAT scheme.
I have some stories I could tell, but to be honest it is not a debate I want to have. I have done it to death in the real world and I now just avoid doing anything that involves any of these legal nightmares.

^{_{Subscribers  do not see these advertisements}}

 

[rolosroller]

 

[Gromett]

For those curious masochistic types... Here is the GDPR in it totality.

All 99 articles across 12 chapters.

General Data Protection Regulation (GDPR) – Official Legal Text

General Data Protection Regulation (EU GDPR) – The official PDF of the Regulation (EU) 2016/679, its recitals & key issues as a neatly arranged website.

gdpr-info.eu

Now having seen that. Tell me which small company doing clever stuff on the internet is not going to absolutely crap their britches seeing that pile?

 

[Coolcats]

It's ok for the big corporates. My views are based on small businesses. We can't afford the specialist or dedicated person to handle all the gotchas. It has had the effect of the small guys leaving the industry and the big guys sucking up the remains.
I am not going to get into a debate on this. I have to deal with GDPR, PCI/DSS and many more bullshit legislation that is designed to improve security and privacy but in actual fact achieves very little apart from pricing the small business out of the market. The same happened with the EU Digital services VAT scheme.
I have some stories I could tell, but to be honest it is not a debate I want to have. I have done it to death in the real world and I now just avoid doing anything that involves any of these legal nightmares.

With the greatest respect Gromett this again is aimed to protect the average punter using their payment cards etc and helps combat fraud or are you suggesting we should go back the old multi slip card payment machine where people used to use the carbon copy to rip peoples details from and make fraudulent payments? GDPR PCI/DSS legislation all helps to protect people.

^{_{Subscribers  do not see these advertisements}}

 

[Abacist]

I actually complained to Barclays recently as every page of their internet banking service kept popping up demanding that I accept cookies or not. It drove me mad. It now seems that my mobile banking app is corrupt and is causing the issue and they are trying to resolve it. To my mind I should be able to deal with cookies once on a website and then never again as they should remember me otherwise what is the point! I'm with Grommet. Small businesses are getting overrun with bureaucracy and red tape with no hope of keeping up without it costing them a fortune.

 

[Coolcats]

I actually complained to Barclays recently as every page of their internet banking service kept popping up demanding that I accept cookies or not. It drove me mad. It now seems that my mobile banking app is corrupt and is causing the issue and they are trying to resolve it. To my mind I should be able to deal with cookies once on a website and then never again as they should remember me otherwise what is the point! I'm with Grommet. Small businesses are getting overrun with bureaucracy and red tape with no hope of keeping up without it costing them a fortune.

Sounds like your browser settings need looking at if the browser is not saving your preferences.

let’s have a free for all, do away with ‘bureaucracy’ and see how many people start getting ripped off.

GPDR is there to protect individuals such as companies storing data in overseas servers that have different / lax / less bureaucracy data storage rules as an example. Let’s not ensure your bank card details and 3 digit security pin is kept secure. To be honest this is not bureaucracy but protect people, their finances and assets from rogue individuals companies and states, personally I would blame them not the process’s aimed to protect the masses.

 

[Coolcats]

For those curious masochistic types... Here is the GDPR in it totality.

All 99 articles across 12 chapters.

General Data Protection Regulation (GDPR) – Official Legal Text

General Data Protection Regulation (EU GDPR) – The official PDF of the Regulation (EU) 2016/679, its recitals & key issues as a neatly arranged website.

gdpr-info.eu

Now having seen that. Tell me which small company doing clever stuff on the internet is not going to absolutely crap their britches seeing that pile?

Read it and implemented it in our small companies like many people have it took a week to do but like many / most have done it.

^{_{Subscribers  do not see these advertisements}}

 

[TDub49]

PS: If you aren't aware of it. google this "google FloC"

Don't use Google any more than I can help and certainly not Chrome so I hope to avoid becoming part of one of Google's Federated Cohorts any time soon . . . .

PS: If you aren't aware of it. google this "google FloC"

 

[Gromett]

With the greatest respect Gromett this again is aimed to protect the average punter using their payment cards etc and helps combat fraud or are you suggesting we should go back the old multi slip card payment machine where people used to use the carbon copy to rip peoples details from and make fraudulent payments? GDPR PCI/DSS legislation all helps to protect people.

PCI/DSS is a good thing in principle like the GDPR. What they set out to achieve is great. But how they do it is crap.

To clear PCI/DSS you basically click check boxes and have an external company run a remote scan on your server.
The check box system is pointless as most questions don't apply, a lot of the ones that do are pointless. The remote scan picks up version numbers of software that is supposedly out of date but doesn't take into account security back ports in stable Enterprise versions of software. It is pointless.

 

[Gromett]

Read it and implemented it in our small companies like many people have it took a week to do but like many / most have done it.

You are lucky to have a person who was just sitting around doing nothing that could be assigned to this task for a week. Most small companies have enough work that all staff members are too busy to take a week out to deal with stuff like this.
You are also lucky to not only have that person available for the week but that they are knowledgable enough to be able to read the legalese in that document and convert it to applicable practices for your company.

When I say small companies, I am talking about 1,2 and 3 man bands which make up an extraordinarily large part of our economy.

^{_{Subscribers  do not see these advertisements}}

 

[Coolcats]

You are lucky to have a person who was just sitting around doing nothing that could be assigned to this task for a week. Most small companies have enough work that all staff members are too busy to take a week out to deal with stuff like this.
You are also lucky to not only have that person available for the week but that they are knowledgable enough to be able to read the legalese in that document and convert it to applicable practices for your company.

When I say small companies, I am talking about 1,2 and 3 man bands which make up an extraordinarily large part of our economy.

Oh dear Gromett we have small business’s I sat down with my wife and we spent time reading and implementing the process, I am not saying it was easy I am not saying it wasn’t a pain in the backside and there is guidance out there but...running a company you just have to do these things. I do have a Corporate background and understand process is not personal (you think GDPR etc are tiresome you should see some of the processes used in corporates it would make you cry. This legislation helps protect your business and the individuals and companies that you do business with. We could take the same attitude to HMRC processes which is where a lot of small companies come unstuck. We account for every penny and pay the associated tax some will try and ‘cheat’ the system or are lax with the process and when caught out have to pay the fines. It’s all just process and not personal.

 

[Coolcats]

PCI/DSS is a good thing in principle like the GDPR. What they set out to achieve is great. But how they do it is crap.

To clear PCI/DSS you basically click check boxes and have an external company run a remote scan on your server.
The check box system is pointless as most questions don't apply, a lot of the ones that do are pointless. The remote scan picks up version numbers of software that is supposedly out of date but doesn't take into account security back ports in stable Enterprise versions of software. It is pointless.

Maybe it’s a catch all scenario and whilst some questions do not affect you or your customers there will be some it does. It also sounds like it keeps you in business what’s not to like about it.

 

[DBK]

When you visit a website no doubt you have all had to deal with multiple popups getting your consent for cookies to be placed.

Today's Telegraph has an article that doesn't really explain them or why they are no longer an issue but asks the political question is it time to get rid of them.

Use our Brexit freedoms to kill the EU’s cookie pop-up monster

The three-year-old directive embodies everything that’s rotten with European regulation in one smackable rectangle

www.telegraph.co.uk

I thought as this is in my ballpark I should perhaps give a little explainer of what they are and how you can stop yourself being tracked by them.

A cookie is a simple file that is placed on your computer by the browser that is linked directly to the domain you just visited. The domain concerned can place data in that cookie to help it provide services to you.
For instance it can store your preferences, do you like a light theme or a dark theme without having to force you to login. It can keep login details so you don't have to login on every page view. And many other services.
Cookies are a fantastic creation that makes the web possible.

HOWEVER.
The website in question can also use third party services like adverts or social media like/share buttons. These are little bits of javascript, the webs programming language that connect to a server on another domain.
That other domain also has the rights to then place a cookie on your computer. This cookie will have a unique id, that is specific to you. Then any other website you visit that also uses this same third party service can access this unique id and say, "Hey we saw you previous on this site, and that site" we now know a little bit about you and target adverts at you. This is how the creepy stuff works.

The reason I thought this explanation post was worthwhile is because for some time now in most browsers you can can disable third party cookies.
For example In chrome go to
settings -> Privacy and Security -> Cookies and other site data -> Block third-party cookies

Here if you change it to Block third-party cookies from Allow all cookies you will no longer be tracked using this method.

View attachment 498951

Please note, do not use the Block all cookies setting as it will prevent you logging into website and more. It basically breaks the internet for you.

The same goes for firefox and others.

The point being, that the cookies warnings shouldn't even be needed anymore sadly as there is a technical solution. A rule force browser producers to display a preferences box once a year with the key settings to do with privacy and get your permission should be enough.

Hope this helps.

That method is for Chrome on Windows I believe. For Chrome on Android it is different. This is what I see in the Privacy and security tab.

The Google advice on this website seems clear, except I can't find the "info" button on mine.

Delete, allow and manage cookies in Chrome - Android - Google Chrome Help

You can choose to delete existing cookies, allow or block all cookies, and set preferences for certain websites. Important: If you are part of the Tracking Protection test group, you will see a new C

support.google.com

The relevant bit is pasted below, but it is the route "More Info Cookies". I can't find. There is no Info option under the three dots.

Block cookies from other sites​

You can allow cookies from sites you visit and block cookies from other sites that own ads or images that appear on that site.

1. On your Android phone or tablet, open the Chrome app
   
   .
2. Go to a website.
3. To the right of the address bar, tap More Info Cookies.
4. Tap Block third party cookies

Tip: All cookies and site data from other sites will be blocked, even if the site is on your exceptions list.

^{_{Subscribers  do not see these advertisements}}