[humblebee]

I don't remember the website, but I ran across one on hacker news a while ago that had the best cookie popover I've ever seen. It floated over from the left hand side of the page. Had simple and clean UX allowing for user configuration of cookies. Felt a little more like a cookie control panel than a popup disclaimer. Allowed the user to select which cookies to allow with a small description of what they did.

Wish I had bookmarked the page.

[fiblye]

Sounds like something users want. Unfortunately, that’s not what most website owners want. They want to be as annoying as possible so that you smash “agree” just to get it over with.

[sandov]

As a user, I want websites to just send cookie headers without asking. I'll decide if I want to store them and send them back.

[atoav]

What users want? GDPR allows you explicitly to serve strictly necessary cookies without asking for consent. You only have to ask if you track people or don’t know what cookies your site stores with your users.

It is 2020 and totally possible to create websites without cookies or with only functionally needed cookies. You do your users a favour and your site will look better.

The very idea of the GDPR wasn’t to force websites to display cookie banners. It was to clarify that cookies can contain identifyable personal data and can be used for tracking, which is why we should avoid using them in that way or ask for consent if it really must be used.

[Fnoord]

On that of that, a lot of websites do not allow the user to use the website if they do not give consent to allow the non-functional cookies. Which is against the GDPR.

[peteretep]

How many of those have you reported?

[majewsky]

I heard a talk by Ulrich Kelber, the German federal data protection officer, two months ago. He admitted that it does not make much sense right now to encourage more people to report GDPR violations. As it stands, data protection agencies are already drowning in reports and most of them are horrendously underfunded. (Especially in EU countries that are not Germany. Germany has had strong data protection laws for a long time, so the staffing situation in our data protection agencies is slightly better.)

[scarejunba]

As a user, I want it in the User Agent. I don't even know what the point of the bloody notification is. Set a cookie and redirect and see if you get it back if you want to know if I'm going to preserve your shit. Don't ask me this crap.

[andrewkdinh]

I believe you’re talking about metomic. Best cookie notice I’ve seen yet.

https://metomic.io/

[skrebbel]

If this is the gold standard, the our standards are very low. It should be just as easy for me to say "no" as it is to say "yes", and Metomic has the same dark pattern as everybody else that saying "no" requires a lot of clicking and careful reading, while click "yes" is easy. Seriously, in Metomic it's even multiple panels! And every single one has multiple paragraphs I have to read! Whereas "yes" is a single click and the panel is out of my face. It's crap and it's intellectually insulting.

There's no law anywhere that says you need to ask permission for storing cookies. You can perfectly well make a cookie-based login without a cookie banner. This bullshit about un-uncheckable "essential cookies" toggles has to go, you don't need permission for those, they don't need to be in the dialog. The GDPR even specifies this, albeit too vaguely: it should be as easy to accept tracking as it is to reject it, and in practice even a startup 100% focused on solving this problem gives that rule the middle finger.

Seriously, fuck this shit. The banner should say "We'd like to track your behavior so we can improve our service / sell better ads / whatever¹. [Ok] [Rather not]". It's not that hard. Only give Metomic your money if you think your visitors are idiots.

¹ (strike through what does not apply)

[smichel17]

Fandom (wikia) is pretty good. It's a big popup in the center of the page, with Yes and No buttons at the bottom, styled with equal importance. One click and it's out of my way, just as easy to decline as allow.

Of course, the gold standard is no tracking and no popup.

[andreareina]

Click "No, Customize" and through to "Statistics". Exemplary example of how it should be done.

[wooger]

Just one "Nope" should be enough. Or just ignoring it and clicking elsehwhere should assume that's your answer and shut up about it forever.

[pnako]

keygen.sh does that