It’s 2020 and the EU still thinks more bureaucracy is the way to go. I am not entirely sure US websites should necessary spend more to accommodate GDPR, which itself should be revised and made less inconvenient.
You only need those pop-ups if you are using cookies which are not "technical cookies".
If you are using tracking technology based on cookies or anything that collects information specific to a user, you will need to show the cookie banner and give an opt-in. Otherwise tracking/analytics is not allowed.
So... Every site you see this banner on has some dead bodies in their cellar and wants you to move on and not take a closer look. Just click "Accept all" and everything will be fine...
This is technically correct from a legal point of view. But it's a different story when Google threatens to delist your website for a missing cookie popup.
Sooo... the american megacorporation is a bigger problem than the european buerocrats? Who would have guessed (That's a rethoric question; I would have guessed, as well as most people from outside the USA)
If I don't want cookies, "technical" or otherwise, I'll browse incognito mode or block them by some other means. I don't need a European bureaucrat to get involved. Thanks.
If I don't want trichinosis, "medical" or otherwise, I'll just cook my pork extra well or remove parasites by some other means. I don't need a USDA bureaucrat to get involved. Thanks.
> I don't need a European bureaucrat to get involved. Thanks.
My 70 years old grandma or 12 years old cousin do though. Of course as tech people we know how to bypass most of the tracking happening on the web, that's not the case for the average user.
As others have mentioned these notices are not for "us". "We" are the ones that _love_ to setup their own PiHoles, tunnel everything through some self-hosted VPN spread over the world, running adblockers, script blockers, private mode browsers, do not track-settings and so on. We're just fine. But the others are fucked. And they need laws and notices so they don't get screwed.
This is not due to the GDPR, but the "cookie directive" (2009/136/EC) And there are a lot of ways site operators could avoid those popups or make them non-intrusive, but they choose to ...
The thousands of Euros spent on lawyers and development time to become compliant, plus all the time wasted.
Really a great accomplishment by the EU... in addition to clicking a shitty "I accept cookies" banner on every damn website I visit, I now frequently also have to click another popup for GDPR and multiple checkboxes for GDPR when I signup somewhere. As if anyone ever bothered reading those.
As far as I'm concerned, it's all just a huge waste and the internet was better off before politicians got involved.
I bother reading those, and it's my fucking right to do so, as well as to stop using a service if I don't think it's worth the data they're taking as payment.
Arguing that I shouldn't have that right, because it bothers some people is like arguing against price tags because "they're annoying" and "Who looks at those before buying something anyway?".
And no, you don't click "I accept cookies", you click something along the lines of "I accept necessary cookies plus everything I've explicitly enabled", otherwise site is not GDPR compliant and you can just report them.
The GDPR pop up is NOT just a pop up (not if you are following the law). If you are a data controller and you believe that the GDPR is just a pointless pop up you should consult your lawyer and see what they say.
Unless I remember it incorrectly, GDPR doesn't even apply to websites that don't target EU citizens; so it really doesn't affect US websites that are clearly aimed primarily at the USA, just because some EU citizen might use it as well.
And if a foreign website wants to expand into the european market, then yes, no matter its country of origin, it will have to follow EU rules.
So, in conclusion, geoblocking the EU is just plain stupid.
It’s a bit more complex than that. Are they doing business at all in the EU (for a news site, do they have correspondents in the EU?) are they selling extras to the EU (can you pay for no ads, can you buy and they will ship merch to the EU?).
Yes, there's nothing wrong with that. If you take money from EU citizens, then you can be expected to treat at least them in accordance with european standards. If you don't like it, then we don't want your busyness, as simple as that (even though that might not be the position of every citizen, it's essentially what GDPR states)