this post was submitted on 08 Jan 2024
1030 points (99.3% liked)

Technology

59652 readers
5162 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] Ensign_Crab@lemmy.world 321 points 10 months ago (2 children)

It would be nice if the options weren't like "Enable all cookies" and "navigate 4 menus that try to convince you to enable all cookies."

[–] shasta@lemm.ee 194 points 10 months ago (1 children)

It would be better if you could set your preference on the browser once and never have to mess with it again unless you want to have exceptions for specific sites

[–] adam@doomscroll.n8e.dev 68 points 10 months ago (1 children)

In theory this is done. There is a Do Not Track (DNT) header that is browser defined. Does anyone use it? Do they fuck.

[–] Lath@kbin.social 102 points 10 months ago (1 children)

I use it and the browser kindly explained to me that the feature is mostly useless because sites don't give a shit about it.

load more comments (1 replies)
[–] ExLisper@linux.community 78 points 10 months ago (3 children)

AFAIK the regulation already says that the "only necessary" should be available with one click. I think the issue is that it's difficult to go after all the small pages that are breaking the law. The big ones like YT of Google already have the 'disable all' button on top, I'm guessing because EU complained.

[–] Honytawk@lemmy.zip 26 points 10 months ago (1 children)

It doesn't say that it should be available with one click.

It says that accepting should be just as easy as declining. Which also includes things like not being allowed to have a "greyed out" button to reject while the accept button is big and sparkly.

load more comments (1 replies)
load more comments (2 replies)
[–] Blackmist 187 points 10 months ago (15 children)

Just make it illegal to sell user data to "data partners", and use cross site tracking.

Nobody actually "consents" to this shit. They just don't read.

load more comments (15 replies)
[–] GiddyGap@lemm.ee 141 points 10 months ago (1 children)

I'm not a fan of the cookie consent popups, but I do appreciate the EU actually trying to do something to protect people's privacy. Seemingly the only major entity to do so right now.

load more comments (1 replies)
[–] yamanii@lemmy.world 137 points 10 months ago (2 children)

A better solution would be to force sites to care about the Do Not Track browser setting that currently does nothing as told by the browsers themselves.

[–] drugo@sh.itjust.works 59 points 10 months ago

Exactly this. The goal of requiring explicit cookie consent/refusal is admirable, but the implementation of cookie banners is both useless and terrible. We already have a way to communicate to websites whether we're alright with cookies or not, they're called HTTP headers.

load more comments (1 replies)
[–] FluffyPotato@lemm.ee 118 points 10 months ago (12 children)

Just add 2 things:

  1. Cookie settings are possible to set in the browser for all pages.
  2. There's a reject all button on every cookie banner.
[–] CosmoNova@lemmy.world 87 points 10 months ago (3 children)
  1. There’s a reject all button on every cookie banner.

Most importantly, those banners should be streamiled to look the same at the very least. No highlighing "ACCEPT ALL" while graying out "reject all" nonsense. No swapping the buttons left and right, top to bottom trickery. I'd prefer if the browser takes care of it all, though. I'm already using a plugin for that, though it comes with draw backs.

load more comments (3 replies)
[–] iain@feddit.nl 59 points 10 months ago (3 children)

No, just ban the collection of user data and selling to 3rd parties. Enormous fines for anyone still doing it. Destroy this entire industry please.

load more comments (3 replies)
load more comments (10 replies)
[–] Adanisi@lemmy.zip 97 points 10 months ago (3 children)

What's annoying is the "Reject" button hidden on another page. That should be illegal.

[–] FrederikNJS@lemm.ee 80 points 10 months ago (1 children)

And it actually is... Quote from the GDPR:

It shall be as easy to withdraw as to give consent.

[–] spirinolas@lemmy.world 33 points 10 months ago (1 children)

The problem isn't the law. It's that it isn't enforced.

load more comments (1 replies)
[–] Evia@lemmy.world 36 points 10 months ago (1 children)

Plus the 'legitimate interests' of 3rd parties

[–] FrederikNJS@lemm.ee 24 points 10 months ago

Yeah, definition of "legitimate interest" is definitely being stretched well beyond it's breaking point.

load more comments (1 replies)
[–] daniskarma@lemmy.world 95 points 10 months ago (11 children)

It should be just a browser option.

You set cookies on or off, ans the browser sends the option in the headers. Websites just need to take the option from the header instead of a banner.

[–] zaphod@sopuli.xyz 40 points 10 months ago (1 children)

It already exists and is called "do not track".

[–] MrOtherGuy@lemmy.world 53 points 10 months ago (1 children)

Unfortunately by sending DNT you are merely suggesting to the server that you wish to not be tracked. There's no requirement for the server to actually care about you at all.

Now, if DNT were actually legally binding though - that would indeed be very cool.

load more comments (1 replies)
load more comments (10 replies)
[–] lemann@lemmy.dbzer0.com 87 points 10 months ago

They should do something about "consent platforms" using various DNS tricks and thousands of domain names to bypass/evade user blocks.

I wasn't so bothered about some non-invasive ads a few years ago, but I absolutely despise any kind of ad now TBH, and it's mainly down to how persistent some of these platforms are with their evasion tactics

Also pretty ironic for their popups to talk about "respecting" my privacy when these platforms literally do the opposite of that to show their popup in the first place. I will not support any of them, in any way, on my network.

As soon as I see a new one appear when browsing, I chuck it into dnsdumpster so it can get recorded with the rest of them, and then block the new list from dnsdumpster (grid icon) on my network.

[–] BrightCandle@lemmy.world 80 points 10 months ago (4 children)

The EU law explicitly says no consent by default and users have to opt in. All of these cookie banners are breaking the law, the law doesn't need to change it just needs enforcing and these banners will disappear. We already have a do not track header and that could be complied with but it's enforcement that is the problem.

load more comments (4 replies)
[–] nothing@lemm.ee 75 points 10 months ago (1 children)
[–] metaStatic@kbin.social 32 points 10 months ago (1 children)

Narrator: They made it worse

load more comments (1 replies)
[–] Manmikey@lemmy.world 73 points 10 months ago (8 children)

I'd be happy to keep the ones that say:

"we notice you are in europe and we can't use our cookies to track you so you can't come to our website"

It's good to know sites with policies like that to ensure I never visit them.

[–] Blackmist 30 points 10 months ago

"It is literally impossible for us not to spy on you or sell your data. Sorry not sorry bye."

load more comments (7 replies)
[–] StereoCode@lemmy.world 71 points 10 months ago (3 children)

What if this wasn't a website issue but a browser one. Browsers invented cookies so browsers should be the ones to implement the banner feature. All Developers would then be forced to implement fallbacks to their cookies since the user could turn cookies off. If it was browser based fix then it would be a consistent UI and developers wouldn't be able to do shady shit(at least with cookie consent is concerned)

load more comments (3 replies)
[–] chitak166@lemmy.world 43 points 10 months ago (6 children)

Eh, I think cookies should just be opt-in unless they're absolutely necessary for the site to function.

load more comments (6 replies)
[–] daniskarma@lemmy.world 42 points 10 months ago (1 children)

At least the regulation show us how shady internet is. That banner only shows up if the website is going to use cookies to use your data as a way to make profit. The fact that every website is doing that was eye opening for a lot of people.

[–] brey1013@lemmy.world 23 points 10 months ago (2 children)

Lol I'm a web developer who has put hundreds of those banners on clients' sites. Not as part of some nefarious data-selling scheme, but rather as a shallow tickbox exercise in order to comply with laws about technology they don't understand.

In this case, assuming ignorance over malice is the way to go.

load more comments (2 replies)
[–] TWeaK@lemm.ee 42 points 10 months ago (1 children)

Not only are they annoying, they go half way to legitimising the theft of user data.

[–] qevlarr@lemmy.world 25 points 10 months ago (5 children)

Exactly. Identify what uses are legitimate and what uses aren't, and legislate directly. None of this consumer consent crap because it's meaningless to consumers. No consumer benefits from their browsing habits being under surveillance.

load more comments (5 replies)
[–] erranto@lemmy.world 37 points 10 months ago* (last edited 10 months ago) (3 children)

I bet they will keep adding loopholes to keep websites bullying their visitors.

why bother making legal frameworks when you can't enforce them, there are hundreds of thousands of website including very prominent ones that hide the "reject all cookies" button after a second screen prompt. or flat out force you to opt-out of every second cookie category , just so you give up. they haven't been fined. and they know EU authorities aren't bothered either, so they keep infringing on the GDPR.

[–] BlueBockser@programming.dev 33 points 10 months ago

Lawmaking is a slow and tedious process full of compromises, and the EU is apparently the only governmental body that cares enough to actually do something against the wild west of digital tracking. I for one am happy about that, and contrary to public opinion the GDPR is actually being enforced (albeit not strictly enough).

load more comments (2 replies)
[–] lurch@sh.itjust.works 29 points 10 months ago

There are sites that respect the "do not track" setting of the browser and just display a small timed info on your first visit that cookies have been rejected. Example: geizhals.eu geizhals.de

[–] FishFace@lemmy.world 29 points 10 months ago (10 children)

A start would be to require sites to remember non-consents for at least as long as they remember consents. Why do I have to be asked about cookies by every site every month?

load more comments (10 replies)
[–] dacookingsenpai@lemme.discus.sh 26 points 10 months ago (3 children)

A serious law would be like (but in legalese):

  • By default you CANNOT use tracking cookies
  • If you want to use them you should have a Table that classify them based on how much fingerprint do they take
  • Then you have to explicitly ask the user in the most clear and unintrusive way possible if you can track them
  • And the consent should last 30 days max
[–] Holli25@slrpnk.net 36 points 10 months ago (2 children)

That is actually really close to what is present now. The EU never said "use cookie banners" but rather "if you really want to track people, they have to say yes". And most commercial websites decided to make it hard to say no, now everyone blames the EU for doing so. Your second point is not yet implemented, this would be really good for consumers.

load more comments (2 replies)
load more comments (2 replies)
load more comments
view more: next ›