this post was submitted on 31 Oct 2023
928 points (99.9% liked)
Technology
59666 readers
2703 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
GDPR was designed around the "Do not Track" browser flag, so that websites can get a semblance of consent using those annoying cookie prompts, with dark patterns like hiding the "Decline All cookies" inside the second page of the prompt, or using very small fonts and gray colors + very confusing language. and they have carried on with complete impunity for 5 years now.
Luckily in Germany the law states that at least the "Decline all cookies" button has to be in the same place as the "Accept all cookies" one. So at least the local sites are kind of easy to navigate.
Only problem at the moment are "Accept all cookies or buy a subscription" banners. But as far as I know the courts are inclined to side with the customers on this one as well.
I mean, most companies still don’t abide by it tho. There’s lots of sites where you can accept all cookies or you have to jump through a few hoops to decline the non essential ones.
Am I supposed to trust the company to correctly define 'essential?' Seems easy to weasel around and makes me nervous.
It's almost certainly going to be litigated at some point, so a court is going to define "essential"... eventually.
Also a good point, I agree
I install the extension consent-o-matic and let it jump through the hoops for me.
I just open any site with one of those cookie-banners in a private window so that any cookie it creates will be deleted as soon as the window is closed.
Another ridiculous half measure that I need to actively engage with a website to avoid being harvested.
They should have made websites not track be default. If I want to be tracked, then I can go and hunt down a link for the pleasure.
Do not track is the default position. However websites really want to track you. They choose to gate their website behind that popup.
Remember you can follow gdpr without these popups on your website.
Totally. If we’re going make real change with this we need hard enforcement that says “you must provide a default setting that can be set per browser” or something that avoids the entire need for sifting through their cookie menu to find out I left one turned on. But this is peak example of ineffective laws to govern the internet made by people who don’t have any experience in computer science. I’m sure we will continue to see “do not track is just a suggestion” messages continuously. Or the requirement for each individual website to specify what type of tracking in absurd detail.
A while ago I ran into a site that had a toggle for your selection of being tracked or not, but there was no text indicating which side of the toggle meant yes/no and it stayed green no matter which way you toggled it. Can’t imagine it would hold up in court but I’m not the one with the money to deal with it.
My personal favorite is the one that defaults to "off", but when you go to the detailed page it puts "legitimate interest" on every single goddamn option with no "disallow all" option.