← Back to context

Comment by Kovah

3 years ago

Cookies needed to properly provide user authentication, i.e. user session identification, are counted as "technical necessary" cookies and do not need a cookie banner. You only need to ask for cookie consent, if you track visitors with third-party services. And, to counter your unique visitors claim: you don't need cookies, or any third party service, for that. Everything can be done locally without disrespecting user privacy.

3 comments

Kovah

Reply
leephillips  3 years ago

Exactly. HN doesn’t need a cookie banner because they’re not spying on their users. No barrier to keeping track of sessions.

mattmcknight  3 years ago

> and, to counter your unique visitors claim: you don't need cookies, or any third party service, for that. Everything can be done locally without disrespecting user privacy.

how do track unique visitors without cookies, and how is that way less "disrespecting" of user privacy than a cookie?

  • Kovah  3 years ago

    IP and User Agent, for example. Goaccess[1], a tool to generate statistics from webserver logs, is capable of calculating unique users. Calculating unique views entirely on your own server without any of that data leaving it, is way more privacy friendly than urging your users into accepting cookies so that Google can harvest their data and send it to their US servers.

    I wrote "disrespecting" because using GA is exactly this for me. Website owners give a f** about your user privacy just to save them some work, without caring about any of your users' data.

    [1]: https://goaccess.io