No more cookie banners for Firefox users?

  • jmk1ng
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    1 year ago

    The trick here is clearly defining PII. Anything that could uniquely identify you and be linked to other sources tends to be problematic.

    So IP address? Not guaranteed to be unique so not super useful as a session identifier anyway, but IP could be used to cross reference data from other sources that could identify a individual.

    Dropping a totally random session cookie? Not allowed because cookies from your domain are now blocked.

    It’s really frustrating to hear from your users in the UK about some problems they’re having but you have zero logging, analytics, or anything from sessions in the UK because Sentry, GA, Datadog, whatever are all being blocked because they can’t drop cookies that they need to group messages and so on by session. Even if that session is considered totally anonymous to you, that doesn’t matter because the whole thing is a scoarched earth policy.

    • Skalman
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Dropping a totally random session cookie? Not allowed because cookies from your domain are now blocked.

      The prompts are disabled/dismissed, not the cookies. You can still use e.g. session cookies as long as you don’t make it possible to connect it to other PII.

      That said, I hear you regarding the tooling. If Sentry/GA/Datadog can’t be used due to collecting too much PII, that makes your life as a developer much more difficult. It might even be impossible to create a generic analytics tool that avoids PII, though it’s certainly possible to create custom analytics.

      Fwiw, I’m based in the EU. My strategy so far has been to talk to and interview real people and rely on aggregate counters. I can see how that makes it difficult to diagnose issues that only appear for a small percentage of users.