I’m not sure how long The Guardian has been asking permission before displaying embedded Instagram posts, but I only noticed this today:
Facebook is particularly egregious when it comes to placing unasked-for cookies on website visitors’ devices. But those of us running websites have also been neglectful of the responsibility we have to protect our visitors who, after all, are just looking for some information or amusement. Ignorance is no defence – you still see social sharing widgets on international newspaper websites even though no-one ever clicks on them. And we’ve known for years they track all visitors.
Trust is a central element of any brand, far more important than a logo or tone of voice. 99% of your visitors may not be aware of how Facebook tracks them, or even be bothered, but that doesn’t absolve you from considering the privacy implications of what you do. We value your privacy is an empty statement if you’re not at least using
no-cookie YouTube embeds, or if you’re adding a Facebook widget or pixel to your website.
One wonders at the cynicism the Facebooks and Googles of this world have engendered among website owners. Maybe that’s changing, or maybe in a few years organisations won’t have any choice in the matter – The Guardian is simply adapting to a world in which browsers don’t allow third party cookies and governments enforce opting-in.