Here’s an important comment we received over the weekend under the headline, “We don’t set cookies?”:
No, but you do allow others to set cookies via your front page, namely .sharethis.com, which you will spot has a preceding “.” meaning that all subdomains have access. I think its disgraceful that a site pretending to be pro-consumer choice is far from it. My view is that “privacychoice.net” is a site that from the outset intends to mislead its visitors. If your really anti-tracking, then dont allow ANY cookies on your own site.
This highlights an important issue — can privacychoice.org use third party cookies to increase the effectiveness of the site? In what circumstances and with what assurances?
Nevertheless, my plan is to move away from using ShareThis as soon as possible, since ultimately their business model is likely to include harvesting cross-site information one way or another. UserVoice, on the other hand, should thrive as a subscription service (and it helps that they have an office right down the hall, which increases their accountability).
This is a great example of the kinds of choices that face any online publisher — when is it okay to expose my users to third party cookies in order to make my service better, or to support it financially? I don’t think it’s enough just to say, never. For me, I drew the line ultimately at Google Analytics — it would be enormously helpful to have Google Analytics data in order to improve the experience for the users of privacychoice; but I chose not to because I’m not convinced that that the information Google receives in that process will always be used in a manner consistent with user expecations, particularly for a site like privacychoice.
I suspect this is the first of many difficult compromises for this project. My goal is to be completely transparent about these questions, and to use this site as an example of the kinds of real tradeoffs publishers must make when they live, as we all do, in Google’s world.