Hacker News new | past | comments | ask | show | jobs | submit login

These dark patterns are very widespread, and are even seen on generally reputable websites like TomsHardware, but are they actually GDPR compliant?

GDPR enforcement is approximately zero, to my knowledge, so I don't know if there's even really an answer to the question.

For what it's worth, Wikipedia gives the impression no-one really knows. https://en.wikipedia.org/wiki/General_Data_Protection_Regula...




Several regulators have made unambiguous statements that they are not compliant. However, they are not very high on the enforcement priorities.

ICO, the UK regulator, seems to take a dim view of dark patterns, but they're only outright banned for children's content: https://ico.org.uk/for-organisations/guide-to-pecr/guidance-...

(PDF) Irish DPA's sweep of thirty-odd websites under its jurisdiction. Lots of good guidance here, but for the point specifically under discussion, ctrl+f "nudge." https://www.dataprotection.ie/sites/default/files/uploads/20... by the DPC on the use of cookies and other tracking technologies.pdf

(PDF) English translation of Greek DPA cookie guidance. See in particular the last page, "Bad Practices." https://iapp.org/media/pdf/resource_center/Greek_DPA_Cookie_...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: