Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How do you manage login sessions without?

If you're a site that has even basic analytics reporting requirements, how do you do any of that without?

"Don't do these things" is a decent option for sole traders, microbusiness and hobby website operators, but good luck selling that to anyone "in a suit" (more likely $500 jeans or chinos nowadays).



> If you're a site that has even basic analytics reporting requirements, how do you do any of that without?

If your analytics are anonymous, as they should be, you don't need a cookie, nor a consent banner.

> How do you manage login sessions without?

You don't need to ask for consent for that, because it's a necessary requirement for functionality.


That is why we should do proper enforcement. Cookie popup that is not needed 1% revenue fine for each month it stays up. Suits will start to understand things really really fast.


You don't need a cookie popup for managing login sessions. Things that are essential to providing the feature don't need permission.

At least based on the so called cookie law. There is also GDPR, but you'd typically agree to that on signing up, not on accessing the site.


I'm puzzled how one can remain so ignorant.

Once again, there is no law requiring cookie popups. Gathering data fairly and transparently (e.g. login credentials) is perfectly fine. However if you wish to pass my data to third parties to track me (advertisers take a bow) then you need my explicit opt-in permission to do so. And so you should.

This isn't difficult to understand and has been law in the UK and EU for quite some time now.

Explanation is here: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: