
At best that's a symptom.

Cookies are for session management; the central problem with cookies is that people feel that servers will treat certain sessions as ephemeral, but instead those servers track these people for a long-term creepy analysis. One connected problem is that many sites require cookies in order to show public content. Public-content sessions should be entirely ephemeral, meaning that you shouldn't need a cookie in the first place. (The New York Times offends in this regard egregiously and persistently.)

You can easily comply with the EU law by either placing the notice on the login page or else not storing cookies. This means that anybody who abuses cookies in the above way needs to be loud about it; "we're not giving you an ephemeral presence like you think!" -- which actually not only fixes this problem but also creates an incentive to not abuse cookies in this way.

I am not saying that we should abandon sessions entirely, but that it would be nice if the 'default' session treatment followed the rules that online banking uses: when the browser is closed, all sessions are done. If we did this then we'd want to include a 'persistent login' mechanism, which would take the form of an in-browser 'would you like to sign in?' dialogue accompanying a web site. This means that unlike current HTTP authentication, it would have to be somewhat asynchronous; you are shown the ephemeral version of the page while the browser itself requests you to confirm that you want to join your long-term session there. (I was originally going to recommend that the browser just handle a digital signature scheme, but of course that does not solve the 'logging on to Facebook from your sister's computer' problem easily. Hm.)



For advertisers this is a non-starter, because it prevents you from knowing the size of your audience. All sites would immediately begin requiring some form of "login" in your scenario in order to enable tracking again.

If you can't track uniques, you can't sell ads, and that's pretty much all there is to it. So there's huge incentive to undermine any scheme to prevent unique user tracking.

The solution is to somehow ban advertising, but that's biting off a bit more than simple user privacy.


"For advertisers this is a non-starter, because it prevents you from knowing the size of your audience. All sites would immediately begin requiring some form of "login" in your scenario in order to enable tracking again."

If this is really a non-starter for advertisers, then mandating it will effectively ban advertising, non?

Remember: your business model is not sacrosanct! Disruption!


I'm not arguing against banning advertising. Actually, I think that would be a fine idea.

Just recognize that unless you do ban advertising, the result of this change will not be what's intended. The intended result is that websites, in general, stop tracking anonymous users. Instead, it will result in every user being explicitly tracked.

The most important issue here is that the political feasibility of reducing tracking of anonymous users is equivalent to the political feasibility of banning advertising.

(I'm slightly overselling here -- in reality, a good amount of advertising of the "sponsorship" form would still work. But the impact would be large enough that most websites would force login as I describe rather than stop tracking people.)


It will also kill most "free content" websites that live off ad revenue. Are you ready for paywalls everywhere, even if subscription is 25 � / mo?


Your symbol comes out as a Unicode replacement character for me. What was it supposed to be?


It was the cent symbol, ¢; somehow it was broken in transmission.


That time it worked. Not sure why it broke the first time.


To sell ads you don't need to show the exact size of the audience; estimation is enough, as proven by TV.


If you’re an Internet company trying to pull advertising dollars away from TV, one of your arguments is that you can do much better tracking. When you run a TV ad, everyone watching the show gets the same ad, and people watching different shows see the same ad a non-optimal number of times.


That's a very good point. This would definitely happen to some degree. But it would still hurt internet advertising a good deal not to be able to track uniques, to show you an ad only once per day, to count how many people have been shown an ad, etc. even if you could know about how many people were on the site.

The result would likely be tracking via login as I describe, rather than true anonymity.



