Hacker News new | past | comments | ask | show | jobs | submit login

I believe this is more due to lack of enforcement of the GDPR. The dark UX patterns you mention are not technically legal. There a numerous stipulations about how the consent must be freely given, simple and concise, opt-in, withdrawable, etc.

I think an equivalent of the GDPR becoming US law would go a long way to improving the problems of enforceability.




You say they are not legal, but then list all the requirements that they do comply with. That’s precisely why they are popups before first interaction, ask you to opt in (or not) and spend half a screen ( but not 50 pages) explaining themselves - concise yet clear and exhaustively explanatory as required.


Most services I've seen set tracking to the maximum by default, then present the user with an "OK, accept everything" and a less obvious "more options", where they must disable numerous default-on tracking options. That's opt-out, not opt-in, hardly simple or concise.

There are also plenty which simply say: accept our tracking or you can't use the service. Which is plainly in breach of Ch. 2 Art. 7.4 of the GDPR.


A GDPR for the US will be written by the very companies it was intended to protect consumers from.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: