Cookies are an important part of the internet. The misconception that cookies were added to browsers to track people is why websites that operate in Europe are always bothering you about necessary cookies. You’re talking about third-party cookies and analytics tools, which don’t even need cookies at all to track exactly what you’re doing on a single site. Without cookies (or cookies reimplemented using client-side storage APIs instead of regular cookies), websites cannot keep you logged in or remember what you have in your shopping cart or any sort of preferences you have set.
At least in the US, don’t assume that local stores aren’t collecting the same information using cameras and credit card numbers and device trackers (eg if the store has free wifi, which sections of the store are wifi client devices in?).
Cookies are not needed. They are shifting the security onto the user. Secure the information on the server just like any other business. Offloading onto the client is wrong. It leads to ambiguity and abuses. Visiting a store and a business on the internet are no different. My presence gives no right to my person, searches, or tracking in the location or outside of it. Intentions are worthless. The only thing that matters is what is possible and practiced. Every loophole is exploited and should be mitigated. The data storage and coding practices must change.
The security is still implemented on the server. When you log in, most sites issue a cookie or otherwise store in the browser an authentication token. Subsequent requests provide that token so the server knows it’s still you. If the cookie is not persisted across tabs or browser sessions, every time you visit the site you must log in again (there are ways to make browsers do this if you really want to). If you didn’t allow even temporary client-side storage while on the page, most of the internet just wouldn’t work.
Cookies are an important part of the internet. The misconception that cookies were added to browsers to track people is why websites that operate in Europe are always bothering you about necessary cookies. You’re talking about third-party cookies and analytics tools, which don’t even need cookies at all to track exactly what you’re doing on a single site. Without cookies (or cookies reimplemented using client-side storage APIs instead of regular cookies), websites cannot keep you logged in or remember what you have in your shopping cart or any sort of preferences you have set.
At least in the US, don’t assume that local stores aren’t collecting the same information using cameras and credit card numbers and device trackers (eg if the store has free wifi, which sections of the store are wifi client devices in?).
You don’t need to get consent for necessary cookies.
Cookies are not needed. They are shifting the security onto the user. Secure the information on the server just like any other business. Offloading onto the client is wrong. It leads to ambiguity and abuses. Visiting a store and a business on the internet are no different. My presence gives no right to my person, searches, or tracking in the location or outside of it. Intentions are worthless. The only thing that matters is what is possible and practiced. Every loophole is exploited and should be mitigated. The data storage and coding practices must change.
The security is still implemented on the server. When you log in, most sites issue a cookie or otherwise store in the browser an authentication token. Subsequent requests provide that token so the server knows it’s still you. If the cookie is not persisted across tabs or browser sessions, every time you visit the site you must log in again (there are ways to make browsers do this if you really want to). If you didn’t allow even temporary client-side storage while on the page, most of the internet just wouldn’t work.
This is how I use the internet.