I feel this needs to be repeated πͺ
The annoyance of cookie banners
doesn't come from the regulations, but from the malicious compliance of the corporations who want to exploit your personal data.
No data-harvesting cookies = No banner.
Simple.
My websites have no cookie banners,
because they don't use any non-essential cookies and don't track visitors.
Yours shouldn't either.
(1/2)
I had a weird experience (in the UK) where I wanted to buy a smart phone outright. In the scheme of things It wasn't a lot of many. A few hundred Pounds, Dollars, Euros.
They got the phone from stock, I had the cash and then they tried to get my name address phone number etc. I refused, they claimed they needed it for security, guarantee purposes. I said no and went to another retailer who were happy to take cash no questions asked.
(2/2) I relayed this story to a work college. He had a friend who worked in the store and told me they got Β£7 gbp for the data harvested when they sold a device.
They literally wouldn't sell me a device unless they data ambushed me.
This chain of stores had since gone out of business
And I have subsequently bought at least 3 more phones from the other store since. And family members had done the same on my recomendation.
Interesting!
@raymierussell @chillybot @Em0nM4stodon With a receipt they're legally obliged to honour any warranty / fitness for purpose claim.
In principle, they may know whether they sold a specific item (some product model numbers, eg of printers, monitors, TVs are specific to certain outlets) but the onus is on the customer to prove where and when they bought it. An electronic payment record may suffice but isn't guaranteed.
Sad how many just blindly hand over data!
@Em0nM4stodon stupid question from a non-expert, but where do analytics fit into this? Not the "we want to analyse what you're buying" kind but the "how do you use our site" kind. Because I've noticed even government sites use the banner and presumably they don't sell your data.
I'm tangentially involved with building a public sector web portal, and we would like to understand if and where users struggle with the service. Or is that not done with cookies and/or would those class as essential?
@thecasualcritic
> we would like to understand if and where users struggle with the service. Or is that not done with cookies and/or would those class as essential?
Yes, is the short answer.
If the party who controls the website wants information about how the site is used, they have full access to the logs that are recorded by the site while each visitor is using it. GDPR has nothing to say against that, go digging through your own site logs as much as you like.
@demiurg
> If you send the data to Google for doing this
Yes, and that counts as not having control over your own analytics.
The correct solution to βmust I warn my users, if I send their data to surveillance corporations?β
is: do not send your user's data to surveillance corporations.
That's a good question. In ye old days we'd analyse the server logs. No cookies needed. I'd run a script that generated pretty graphs. The script was called 'Analog' if I remember correctly
Now you can use things like plausible.io, free for self hosted or pay them. It works without cookies using JavaScript and doesn't resolve the level of data you'd need to personally identify someone.
It tells me more than enough for my sites (work and play).
@Em0nM4stodon Just like all the sites that tell me I need to turn off my "ad blocker" so they can afford to provide me their service.
Except, I don't have an ad blocker -- I have a tracking blocker, which does not block ads that don't try to track me.
@Em0nM4stodon As soon as you add a βselect your preferred languageβ, region, popup, user login, display preference, dynamic scrolling position, anything, youβll have browser side state. The *vast* majority of websites have at least one of these features.
The privacy invading tracking is horrible and off the rails too of course.
But even if they didnβt do any of that, sites would still be advised by lawyers that they had to put up consent banners. Itβs just too easy for any web designer working a ticket to add some little code library and end up creating a huge liability for the company.
@Em0nM4stodon
What's worse is the ones that say we won't let you refuse any unless you pay.
Then of course they still track you.
Never put the "sample" code for a typical social media icon on your site. It's a malicious tracker.
@raymaccarthy @Em0nM4stodon Best response to all such sites is to close the tab and move on.
Consider actively blocking them if a lot of other sites link to them, you don't want their crap loading at all.
@shironeko @Em0nM4stodon You are just wrong. Like, completely and utterly have absolutely no idea what you are talking about.
The absolute cavalier way companies behaved with your data before GDPR... like, I saw it myself.
@shironeko @Em0nM4stodon Oh, is this one of those leftist purity tests where anything less than the absolute is worthless.
Got it.
Same line of thinking that forced me to flee the US.
@shironeko @Em0nM4stodon They don't have data you haven't consented to, and definitely not in ways that bind to your name.
Why do you think they have your data?
@shironeko @Em0nM4stodon I know for absolute certainty that corporations big and small are afraid of violating these laws and that engineering departments in any company >1m revenue have spent extensive resources on compliance.
#GDPR is, quite frankly, the most successful piece of civil-rights legislation that's been past in the 21st century.
How do I know? Because I've personally been working with companies on navigating these regulations for a decade. My current income is specifically from compliance engineering.
There's an enormous amount that this regulation did, and it would be hard to overstate how much more fucked we'd all be right now without it.
It is probably the only reason the ADF hasn't taken over Germany.
@shironeko @Em0nM4stodon You, personally, have benefitted from it.
Like, I am beginning to wonder if you are actually here specifically to push a right-wing agenda by trolling as a clueless leftie.
@shironeko @Em0nM4stodon Here's the easiest way to frame it.
If it weren't working, Billionaires wouldn't be fighting it (and the EU AI Act) right now in the EU Data Omnibus legislation.
You are literally repeating and falling for right wing propaganda intentionally designed to direct your ire at the actual legislation protecting your rights.
The megacorps want nothing more than to make everyone cynical about regulations and laws that favor common people over them getting piles of cash.
@shironeko @Em0nM4stodon It's not skirted around. Just click no.
Jesus.
Also, GDPR does _WAY_ more than cookie banners. Even if you click yes, they _still_ have to protect your PII in ways they never did before.
LuckyLuke
Em 
Chilly 
π‘οΈ 
Raymond Russell
Jennifer Moore π·
Francis Mangion (M)
max oakland
SamuelJohnson
Maia
Sax Brightwell π¨π¦
The Casual Critic
bignose
Demiurg
β΄β΄β΄ΓπΖ.Ζκβ΄π₯ΡΙΌπ©π»βπ»
Steve Root
kravietz π¦
Brian "bex" Exelbierd
Morgan β§οΈ
Sylvia Osteen
Analog AI
Three
endrift π³οΈββ§οΈ
Marsh Ray
Ray McCarthy
LukefromDC
The Nexus of Privacy
Cassandrich
Peace is Not A Fable 
shironeko