Yep, and also the whole EU... Every few months, they either want to make encrpytion illegal, scan more private data, scan files on end user devices, outright ban e2e encryption, or worse.
And we can thank EU for the extremely annoying cookie pop-up’s on every website. Every site has a slightly different UI and the options/button labels always vary. Declining is always a multi-step process with various checkboxes.
They are never geo-filtered either so everyone is forced to see them.
I’m usually a big advocate for privacy and this was obviously done with good intentions but there were so many better ways to do it and I doubt 99% of people do anything but click okay without reading it.
At least if the browsers did it the UI would be standardized and you could have default persistent settings.
Now that there has been a massive effort to implement it I doubt it will ever get fixed or go away. Even though the decline of supercookies and Firefox’s new 3rd party policy has largely made it obsolete.
>And we can thank EU for the extremely annoying cookie pop-up’s on every website. Every site has a slightly different UI and the options/button labels always vary. Declining is always a multi-step process with various checkboxes.
No we can't. We can think of scummy adtech companies who feel entitled to their business model.
The GDPR very specifically says that the option to decline tracking must be at least as easily accessible as the option to accept.
The only way the EU is to blame for the pop-ups is that the regulation hasn't been enforced strictly enough.
In this case the problem with GDPR is not how it's written but how it's enforced (or rather, how little it's enforced). Most of the cookie popups that appear while browsing are already blatant violations of the law, but the violators get away with them because the relevant authorities are overwhelmed/underfunded/dysfunctional.
>If they asked anyone with atleast a minimal technical knowledge, they'd get a lot better solutions.
This sentence implies that: (1) Nobody with even minimal technical knowledge was consulted when writing GDPR. (2) The problem of websites tracking their users can be solved through technical means. (3) One or more of the solutions are so trivial anyone with minimal technical knowledge could come up with them.
> And we can thank EU for the extremely annoying cookie pop-up’s on every website. Every site has a slightly different UI and the options/button labels always vary. Declining is always a multi-step process with various checkboxes.
I don't understand this line of thinking. You are declining the cookies, so obviously you prefer not to be tracked. And it's obvious that it's not the EU who made the varying, annoying, and often purposely misleading dialog boxes to decline the cookies, but the companies who want to force their tracking on you. Without the EU law, they would just do it without asking for permission. So why blame the EU?
Of course the outcome of random unfriendly and annoying UIs is the only predictable outcome... so why wouldn't the EU responsible? Who else would be?
Would some design guidelines be helpful? Maybe but it's still fundamentally flawed and I doubt it'd be enforced.
As I said the only possible option where there could be design cohesion is via the browsers (or maybe a EU-controlled open source JS plugin but that's even worse).
I don't ever use the cookie popups because fine-tune control of cookies doesn't have much privacy ROI. I want to use cookies on most sites and ublock does the rest.
I highly, highly doubt the tiny percentage of people not using an adblocker but are still technical enough to uses cookie popups regularly and effectively is really worth the cost.
I get the impression people want this to be a good idea, because it sounds like one, instead of considering whether it is.
Has the ever been a study that shows the real-world utility of forcing sites to use cookie popups?
> Of course the outcome of random unfriendly and annoying UIs is the only predictable outcome... so why wouldn't the EU responsible? Who else would be?
"Of course burglars choosing less protected houses is the only predictable outcome... so why wouldn't the makers of security systems be responsible? Who else would be?"
I still don't get it. Without the EU laws, it wouldn't be magically easier to block tracking cookies, they wouldn't offer a choice at all? What are you arguing for?
> As I said the only possible option where there could be design cohesion is via the browsers (or maybe a EU-controlled open source JS plugin but that's even worse).
> I don't ever use the cookie popups because fine-tune control of cookies doesn't have much privacy ROI. I want to use cookies on most sites and ublock does the rest.
The cookies for functionality/session are not affected by the cookie popup.
> I highly, highly doubt the tiny percentage of people not using an adblocker but are still technical enough to uses cookie popups regularly and effectively is really worth the cost.
I use an adblocker and still decline on the cookie popups. I assume you are doing, too, otherwise you wouldn't complain about popups you don't see?
> Has the ever been a study that shows the real-world utility of forcing sites to use cookie popups?
Me able to decline them is real-world utility. If a majority or at least significant portion of users is successfully tricked into accepting the cookies, then that calls for a refinement of the law along with better enforcement, not for retraction of the law. "Let them have it", what a bleak, defeatist thing to suggest.
You are blaming the makers of the law for what is very obviously the fault of the perpetrators, who are trying to get around the law in profoundly shady and just downright shitty ways.
I am glad the EU law exists, without it there wouldn't even be the option.
Client side blocking (by that I mean removing them after the tab/page close)? First for third party cookies, then for all of them, and add a "button" next to the url bar, to enable cookies for that specific site (to allow logins).
This breaks multiple desirable uses of cookies, unless they're explicitly allowed on a per-site basis. It doesn't help if a site uses cookies for both desirable and undesirable purposes. If this solution became ubiquitous, I'd predict websites would start showing popup banners nagging you to click the "enable cookies" button from next to the URL bar. Finally, even if this did work to stop websites from tracking users via cookies, the data harvesters would simply keep using non-cookie tracking methods like browser fingerprinting.
In contrast, the GDPR does not place requirements for cookies if they're not used for storing or processing personal data (the ePrivacy directive which I'm less familiar with might require a notification about them). It does not even require a popup or user's confirmation if personal data is processed on a legal basis other than consent (though these uses may need to be listed in some kind of available privacy policy document). Finally, as GDPR is mostly technology agnostic, its requirements remain the same regardless of whether the data collection is done using cookies or any other means.
Feigning ignorance. People in or adjacent to the tech surveillance industry (either working in it or having a substantial portion of their net worth invested in the industry) whine about cookie consents constantly, but nobody else gives a shit.
Are you telling me that you have no financial or professional stake in the matter? You haven't worked for or invested in a company that profits from tracking people online? Nor any of your friends or family?
