[Terretta]

Having cleared all cookies recently, I'm re-encountering all these dialogs. They've gotten cagier.

Anecdotally, a third of these cookie dialogs are violating those principles, either preselecting all third party advertisers, or claiming all 60+ third parties are necessary for the functionality of the site so Allow or Go Away. Or having only one OK/Agree button.

It's not just little guys. Slate.com for example:

Slate’s Use of Your Data

By clicking “Agree,” you consent to Slate’s Terms of Service and Privacy Policy and the use of technologies such as cookies by Slate and our partners to deliver relevant advertising on our site, in emails and across the Internet, to personalize content and perform site analytics. Please see our Privacy Policy for more information about our use of data, your rights, and how to withdraw consent.

[Agree]

https://slate.com/gdpr?redirect_uri=%2F%3Fvia%3Dgdpr-consent...

The privacy policy generally says you're welcome to go opt out of each individual third party then delete their individual cookies from your browser, beat yourself up.

Slate for example, says, "You may choose whether to receive interest-based advertising by submitting opt-outs..."

The justification appears to be "EU doesn't tell us what to do":

"Please note that the Services are directed towards users who reside in the United States. By using the Services, you consent to the collection, storage, processing, and transfer of your information in and to the United States, or other countries and territories, pursuant to the laws of the United States. Some of these countries may not offer the same level of privacy protection as your own."

This Privacy Policy also features dynamic legalese:

"Slate tracks when EU readers grant consent for Slate to collect and process data through the use of an identifying cookie on your browser. The browser through which you are currently viewing Slate does not currently have such an identifying cookie. If you are an EU reader this means that Slate is not collecting or processing data from your current browser session."

https://slate.com/privacy

// I am currently reading from EU -- a good time to clear your cookies.

[sleavey]

I noticed that about Slate too, yesterday, when another HN article linked to them. Now I just open sites that break GDPR laws in a private tab, accept all of their cookie things and skim the article and determine if it's worth properly reading (while blocking ads, canvas super cookies, etc.). When I'm done I close the window and all the data they place on my machine is wiped. This means the outcome for them is even worse than if they had behaved themselves and offered a "minimum required" box that I would have probably ticked.

[stephengillie]

> claiming all 60+ third parties are necessary for the functionality of the site

If you consider financial needs underpinning the site operation, it's technically true - without the 60+ 3rd parties, they could run out of funds to host the site, after which the site would not function at all.

[CaptSpify]

There are other sources of funding than advertisements

[nloomans]

Interestingly, Dutch news websites usually handle GDPR popup dialogs property. Example: https://nos.nl/.

It's just as easy to opt-in as to opt-out. Just tap the checkmark or the X and then Save your preferences.