"We use cookies to ensure that we give you the best experience on our website. We also use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the BBC website. However, if you would like to, you can change your cookie settings at any time."
I'm in the UK - I still get the message, but no mention of advertising.
"We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the BBC website. However, if you would like to, you can change your cookie settings at any time."
I have cookies disabled by default. I don't want to see this alert every time I visit the BBC website. So I just created a quick greasemonkey script which removes it with a simple:
el = document.getElementById('bbccookies');
if( el ) el.style.display='none';
I thought you had to get explicit opt in? Simply hitting the page once and refreshing sets the cookie so you will never see the message again doesn't sound like explicit opt in to me?
As I understand it, most of the ad networks do the same thing in their opt-outs. You're not opting out of being cookied. You're just opting out of "personalized" advertising. Most non-technical users who "don't want cookies on my computer" would probably dislike a truly cookie-less web.
I don't mean the concept of cookies, I mean this sudden rush to legislate them. I don't want to be bothered every time I visit a new website for them to ask if they can use cookies or not. It's a pain in the ass and it's a UX nightmare.
I agree that it's a questionable law, but you said "have nothing better to be spending their time on" and I'm just saying that its not an inherently wasteful thing to spend time being concerned about.
When you outlaw cookies, then only the outlaws will have cookies. I tend to hold the belief that consumer protectionism laws don't really protect consumers, in that it lulls consumers into an inattentive stupor when it comes to things they best educate themselves on instead.
So I thought the EU directive 2009/136/EC only affected cross-site tracking cookies, the type of cookies that AD networks use. Is this not the case or it’s just BBC that goes the extra mile?
Anyway, it seems ridiculous to ask for consent to use basic cookies (e.g. to remember the preferred language or the region to use in weather widget) on every single website hosted in EU.
Optimally, browsers should just send your preference like they do with DNT headers:
Cookie-Preference: (None|Essential|All)
Something in that manner — I didn’t really think it through.
Actually, wasn’t P3P supposed to be used for something like that? Maybe it’s time to reinvent it… :)
From the Wikipedia page about P3P:
> As an example, a user may store in the browser preferences that information about their browsing habits should not be collected. If the policy of a Website states that a cookie is used for this purpose, the browser automatically rejects the cookie.
That’s even better, because you don’t have to rely on the site to follow law. If something like P3P was widely used by all the major sites, you could set your browser to reject all cookies that don’t include necessary privacy policy along with them. Persistent, tracking cookies could be rejected by default, unless signed by a trusted agency, that would make sure that necessary policies are followed (and it’s not just rogue site that wants to infect you with their cookies). That way AD networks could continue to work seamlessly.
P3P might have had some problems, but the core ideas appear to be sound.
31 comments
[ 2.2 ms ] story [ 87.6 ms ] thread"We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the BBC website. However, if you would like to, you can change your cookie settings at any time."
And "Find out more" links to http://www.bbc.co.uk/privacy/cookies/bbc/
"When I turn off my screen, the BBC's website is all black! Very bad UX!"
Do we really need this awful constant nannying to death that is such a feature of modern life?
More examples --> https://twitter.com/alexmuller/status/205605081662504960/pho...
This is absurd. Do the legislators in GB really have nothing better to be spending their time on?
Anyway, it seems ridiculous to ask for consent to use basic cookies (e.g. to remember the preferred language or the region to use in weather widget) on every single website hosted in EU.
Optimally, browsers should just send your preference like they do with DNT headers:
Something in that manner — I didn’t really think it through.Actually, wasn’t P3P supposed to be used for something like that? Maybe it’s time to reinvent it… :)
From the Wikipedia page about P3P:
> As an example, a user may store in the browser preferences that information about their browsing habits should not be collected. If the policy of a Website states that a cookie is used for this purpose, the browser automatically rejects the cookie.
That’s even better, because you don’t have to rely on the site to follow law. If something like P3P was widely used by all the major sites, you could set your browser to reject all cookies that don’t include necessary privacy policy along with them. Persistent, tracking cookies could be rejected by default, unless signed by a trusted agency, that would make sure that necessary policies are followed (and it’s not just rogue site that wants to infect you with their cookies). That way AD networks could continue to work seamlessly.
P3P might have had some problems, but the core ideas appear to be sound.
Also, to change your cookie settings for BBC, you can do it at http://www.bbc.co.uk/privacy/cookies/managing/cookie-setting...