|
|
|
|
|
|
by belorn
2201 days ago
|
|
|
Lets imagine the EU making a law that has nothing about cookies, but instead focus on personal data and when it may be collected and when it may not be collected. The law may not even need to mention cookies except as one of many examples, like a radio frequency identification tag. The focus of the law can instead be about why someone is collecting personal data, and what the purpose is. The law could say something like: If you are collecting data in order to create an profile of a person, and the person did not ask you to do a job which require such profiling, then you must ask for permission. Nothing about cookies, nothing about a popup, just intention and consent. And here come the surprise. That is current GDPR. It mention cookies exactly once, as part of an non-exhausted example list of identifiers which is commonly used in order to profile people. Cookies has the same importance in GDPR as profiling a person based on what screen resolution your device has, and you may notice that there are no screen-resolution-accept-banners anywhere. |
|
|