Kookie?


/not excessively obscure

Aren't they called biscuits?

phlegmmo: Kookie?
[www.fiftiesweb.com image 150x223]

/not excessively obscure

Lend me your comb.....

Well, I do hope this helps to curb the nasty habit of some websites where they treat cookies like sql DBs and store practically everything in them.

BumpInTheNight: Well, I do hope this helps to curb the nasty habit of some websites where they treat cookies like sql DBs and store practically everything in them.

So why wouldn't they just store a session id in the cookie and keep everything in an actual sql DB? You know, like practically every site does. The law seems to specifically say data stored IN cookies.

itsdan: BumpInTheNight: Well, I do hope this helps to curb the nasty habit of some websites where they treat cookies like sql DBs and store practically everything in them.

So why wouldn't they just store a session id in the cookie and keep everything in an actual sql DB? You know, like practically every site does. The law seems to specifically say data stored IN cookies.

Aye and that's indeed the target, some sites just don't get it. I remember reading about a site a while back for instance that kept your phone number in one of their cookies and how another site was harvesting them.

BumpInTheNight: Aye and that's indeed the target, some sites just don't get it. I remember reading about a site a while back for instance that kept your phone number in one of their cookies and how another site was harvesting them.

Isn't the browser responsible for not sending cookies from site abc.com to xyz.com? Thought that was fundamental browser security.

itsdan: BumpInTheNight: Aye and that's indeed the target, some sites just don't get it. I remember reading about a site a while back for instance that kept your phone number in one of their cookies and how another site was harvesting them.

Isn't the browser responsible for not sending cookies from site abc.com to xyz.com? Thought that was fundamental browser security.

Its not supposed to for sure but there's ways to circumvent that using some of the scripting languages or at least there was then, the bigger take-away for me though was the site being targeted had its user's phone numbers in cookies in the first place. Beyond that a chunk of malware could glean quite a bit off of your browser's cookie storage without even having to visit any of the sites its got cookies for.

Why would we need a Boogie law to come into force?

I don't see how a site can be non-compliant with "implied consent" clause added to this regulation.

"The ICO has also updated its policy to allow organisations to use "implied consent" to comply. This means users do not have to make an explicit choice. Instead, their continued use of a site would be taken to mean they are happy for information to be gathered."

Maybe the ICO expects a site to add a sentence to its privacy policy, "By using this site, you give consent to cookies"?

Cookie Monster sings Tom Waits

LordOfThePings: Aren't they called biscuits?

That's a Jaffa cake; it's not a true biscuit.

ArcadianRefugee: That's a Jaffa cake; it's not a true biscuit.

Jaffa cake?


Do they have little worms inside?

From TFA:

Fines for non-compliance were unlikely to be levied, he said, because there was little risk that a non-compliant site would cause a serious breach of data protection laws that was likely to cause substantial damage and distress to a user.

Then why have a law???

BarkingUnicorn: I don't see how a site can be non-compliant with "implied consent" clause added to this regulation.

"The ICO has also updated its policy to allow organisations to use "implied consent" to comply. This means users do not have to make an explicit choice. Instead, their continued use of a site would be taken to mean they are happy for information to be gathered."

Maybe the ICO expects a site to add a sentence to its privacy policy, "By using this site, you give consent to cookies"?

By using this script, which is on thousands of other sites...

StoPPeRmobile: Maybe the ICO expects a site to add a sentence to its privacy policy, "By using this site, you give consent to cookies"?



Or a pop-up message - if you use this site you agree to cookies.

FWIW Instructions on disabling cookies means - Browser settings for all sites