NemeskiEuropean Union set to revise cookie law, admits cookie banners are annoying
nothingNow don’t make it worse!
Narrator: They made it worse
‘they always can, they always will’
linearchaosOH THANK f’ING GOD
They should do something about “consent platforms” using various DNS tricks and thousands of domain names to bypass/evade user blocks.
I wasn’t so bothered about some non-invasive ads a few years ago, but I absolutely despise any kind of ad now TBH, and it’s mainly down to how persistent some of these platforms are with their evasion tactics
Also pretty ironic for their popups to talk about “respecting” my privacy when these platforms literally do the opposite of that to show their popup in the first place. I will not support any of them, in any way, on my network.
As soon as I see a new one appear when browsing, I chuck it into dnsdumpster so it can get recorded with the rest of them, and then block the new list from dnsdumpster (grid icon) on my network.
Hugging StarsJust don’t remove it entirely, currently companies will at least pretend to comply.
bEFORE yOU cONTINUE tO gOOGLE sure is annoying though.
Please do remove it entirely.
I manufacture data about myself. Businesses want to collect this data for their commercial benefit and profit, without paying me. Cookie splash screens almost provide a method for this to happen legitimately, while still not providing me fair consideration.
Businesses should be prohibited from collecting user data, from taking value, without paying for it.
Remove banners, just make the companies respect the browser setting.
Not only are they annoying, they go half way to legitimising the theft of user data.
qevlarrExactly. Identify what uses are legitimate and what uses aren’t, and legislate directly. None of this consumer consent crap because it’s meaningless to consumers. No consumer benefits from their browsing habits being under surveillance.
Was done before too, but now the websites simply need a banner for using categories of cookies which require it (tracking, marketing, ..)
And we already have GDPR at least limiting activities in a broad sense. (of course lots of leeway, but still much better than before)
And we already have GDPR at least limiting activities in a broad sense. (of course lots of leeway, but still much better than before)
What do you mean? GDPR allowed for the “unless the visitor agrees” stuff so that’s why we see cookie banners everywhere.
I would say it should either be allowed or not, depending on the use case. A navigation app should be able to track your location for the service they provide but not for ads or selling to other companies. Your calculator app has no business even asking. Profile based advertising (rather than content based) should be banned wholesale. That sort of stuff
NeshuraYou do realize you only see the cookie banners because the companies are now forced to show you one? It’s not like they started collecting shit only after the GDPR nor is it entirely illegal and unethical to sell user data. The point of the GDPR was to make users aware of which websites are selling which data and give them an avenue (be that declining cookies or leaving the site) to prevent that. Corporations then designed their way around the wording of the GDPR to make declining cookies as difficult as possible which is why we’re seeing this push for a revision now. The goal still isn’t to make user data based financing impossible, it still is to prevent users from being pushed or bullied into selling their user data against their will.
That should be the goal. This cannot be left to individual consumer choice, is what I’m saying. The annoying cookie banners should be a wake-up call for regulators that the “let the consumers decide” experiment has failed.
The cookie banner is only required to store data on the users device. the tracking without is still possible and potentially allowed via legitimate interest.
If they want more they already ask for more outside the cookie banners when they require or want to have your consent (e.g. consent to load content from sources which will transfer your data outside their control e.g. youtube-embedings)
The limitations of whats allowed is already established in the GDPR, so anything you cannot find legitimate reasons for is already not allowed e.g. simply selling your data to other companies (as long as they include PII)
And as coupling is not allowed either its not allowed to couple consent with a cookie banner (which should only be used to ask for permission to store data for purposes which arent required for the usage).
What we do need is to have a technical implementation of the browser to tell the website via standardized methods what is allowed or not.
This is the worst output of EU regulation ever. How has it taken them so long to realise it’s annoying?! Don’t they use the internet in Brussels?
You dont need a cookie banner if you dont want to invasively track the users.
So its really the fault of the websites for wanting to use categories of cookies which do require a banner (ad and tracking).
So its really the fault of the websites for wanting to use categories of cookies which do require a banner (ad and tracking).
Indeed
Plenty of websites that don’t have a cookie banner like Wikipedia and Lemmy. And both of them are completely legal.
It is only after the cookie banner that we now know how many websites are actually selling our data, turns out it is the grand majority of them.
Yup. What most people do not get. Wikipedia, Lemmy and others only need consent when they start processing personal data, like in the registration form.
Clicking “agree” on a banner on first visit is like creating an account with IP address acting like a login.
No, selling would also not be allowed via a cookie banner as the cookie banner doesnt address that.
GDPR already doesnt allow usage of PII which you cannot find legitimate reasons for. Just selling PII is never allowed as you will not find a legitimate reason for doing so.
But the cookie banner can allow more invasive tracking via setting tracking cookies which can be covered under legitimate interest for the operator of the website themselves.
GDPR already doesnt allow usage of PII which you cannot find legitimate reasons for. Just selling PII is never allowed as you will not find a legitimate reason for doing so.
But the cookie banner can allow more invasive tracking via setting tracking cookies which can be covered under legitimate interest for the operator of the website themselves.
You must hate your doctor for giving you the diagnosis of your illness :P
Just add 2 things:
PlutoniumAcid
MaestroHe said that should be added
So true. And then you have Schibsted, Norways biggest media conglomerate; the only way to reject cookies is that you have to log in in order to reject it! According to the cookie law (no idea what it’s called), it’s illegal. It’s been reported to the EU and Norwegian government numerous times, but nothing happens. Fuck Schibsted!!
RobaqueIn my experience a lot of italian (particularly “news”) websites basically say “accept cookies or sign up for our paid subscription”
Incognito and accept all
I meant it should be added as a default thing you have in every one of those things.
The reject all is already a thing. (Well now not sure if is all all or only necessary but doesn’t matter much those are not an issue)
Although usually is not called this way or they use some confusing pattern.
Most importantly, those banners should be streamiled to look the same at the very least. No highlighing “ACCEPT ALL” while graying out “reject all” nonsense. No swapping the buttons left and right, top to bottom trickery. I’d prefer if the browser takes care of it all, though. I’m already using a plugin for that, though it comes with draw backs.
vext01Right, this!
Tired of all the dark patterns.
Which plugin do you use?
I am using „I still don‘t care about cookies“ for Firefox. It basically auto-selects the least required cookies possible. Though some sites don‘t offer opt-out so it will automatically accept those cookies. Not perfect, but I really can‘t be bothered to do a cookie captcha every time I open a private tab for example.
But even if you reject all, you still allow them to track you through the legitimate interest cookies
That doesn’t sound like a legitimate interest and should be fined or something.
No, just ban the collection of user data and selling to 3rd parties. Enormous fines for anyone still doing it. Destroy this entire industry please.
The EU is primarily pro-business, but that also means being against anti-competitive and underhanded business practices
The browser thing sounds like a good solution (although there must be a reason why DNT headers weren’t made legally binding, potentially as they wanted to allow people to pick and choose what cookies they allow based on what they thought was “too far” or something but that’s conjecture), however disallowing all user data will likely lead to companies not being able to advertise to people who are interested in their products, something which the EU will see as a negative and would also cause an uptick in scams and misinformation as you see in low quality advertising space at the moment
This comment got to me really late, probably to Lemmy’s distributed nature.
But I still want to add: of course business will make more money if you allow more practices, but selling personal data just has too many negative consequences.
Also low quality advertising? You mean like billboards and in the newspaper? You mean regular advertising?
I mean “[local town] grandma discovers 10 foods you never knew you should avoid” or even downright scams when I say low quality advertising
adONiswell, not on every cookie banner
I’d be happy to keep the ones that say:
“we notice you are in europe and we can’t use our cookies to track you so you can’t come to our website”
It’s good to know sites with policies like that to ensure I never visit them.
Blackmist“It is literally impossible for us not to spy on you or sell your data. Sorry not sorry bye.”
It should be just a browser option.
You set cookies on or off, ans the browser sends the option in the headers. Websites just need to take the option from the header instead of a banner.
It already exists and is called “do not track”.
Unfortunately by sending DNT you are merely suggesting to the server that you wish to not be tracked. There’s no requirement for the server to actually care about you at all.
Now, if DNT were actually legally binding though - that would indeed be very cool.
Yes and this is what they should have legislated. I don’t know if lobbyists or stupidity got in the way, or both. But the fact that this news comes now so close to Chrome abolishing cookies for its new “privacy” feature is suspicious timing.
There are addons (for firefox at least) where the cookie banner will come up but your browser auotmatically refuses all cookies.
bob_lemonThis is the one I use. It’s FOSS and developed at a university.
Am I mistaken in believing it is an already a browser option?
Off the top of my head Qutebrowser and Falkon both support not-saving 3rd party cookies.
Your browser can not save third party cookies, but it might break some sites. Some advertising situations allow the use of first-party cookies, and blocking first-party cookies will break most sites.
In either case you will still have to fill out the consent form, and if the consent is stored in the kind of storage you block, then you will have to fill it out every single time you visit.
That has been tried with the DoNotTrack header. Turned out servers didn’t oblige by it.
That’s because it was entirely voluntary. It should be integrated in the browser by law, and the choice should be binding
if website has a choice, then they will often choose an option that benefits them the most.
Good news is third party is being phased out now …mozilla.org/…/goodbye-third-party-cookies/
Saying goodbye to third-party cookies in 2024 | MDN Blog
The tail end of 2023 welcomes positive news for web privacy, as Chrome announces it is to join Firefox and Safari in deprecating third-party cookies in 2024. Find out more details about these changes, and what they mean for web developers.
The DuckDuckGo browser has this baked in as ‘Cookie Pop-up Protection’. It doesn’t quite get rid of them all, and doesn’t let you set a default for what you want (it’ll basically pick the most privacy-forward option) but I’ve found it works pretty well.
There are sites that respect the “do not track” setting of the browser and just display a small timed info on your first visit that cookies have been rejected. Example: geizhals.eu geizhals.de
At least the regulation show us how shady internet is. That banner only shows up if the website is going to use cookies to use your data as a way to make profit. The fact that every website is doing that was eye opening for a lot of people.
Lol I’m a web developer who has put hundreds of those banners on clients’ sites. Not as part of some nefarious data-selling scheme, but rather as a shallow tickbox exercise in order to comply with laws about technology they don’t understand.
In this case, assuming ignorance over malice is the way to go.
In this case i assume you’re an ingnorant developer who didn’t thought of better options to comply with the law
morgunkornBecause asking nicely and hoping always worked that well…
Common European Union W