Stoney Creek, ON
reply to Arne Bolen
Re: Regarding latest update Your mistake of course is in assuming my VPN provider is the same legal jurisdiction as my ISP. The Canadian laws that will requiring logging e-mail, online chat, etc will only apply to the Canadian ISP's. My contract with my VPN provider stipulates they WILL NOT even log the dynamic IP address mapping, let alone details about the connections. So the Canadian government will not have legal authority to demand details about my connections without a warrant in my VPN providers jurisdiction. Even then, there will be no details to turn over. The best they could do is get a warrant to force future monitoring of my traffic. So I probably would not be safe performing criminal activity, but I should be fairly safe from fishing expeditions through my life.
You are right of course cookies are a huge security problem. Even bigger than actual authenticated logins. There are steps which one can take to limit this effect, but in truth no matter what steps you take http traffic is never secure, and https traffic is only somewhat secure. The main thing I want to avoid is if for example I connect to a Canadian website to do a tax return, is that does not leak enough information to trace my connections to other courtries. I have not found a fool proof way to do that yet, only ways to make it more difficult.