[jacquesm]

It doesn't really matter does it? You don't collect data without consent, period.

Why is that so hard to understand?

Why don't developers ever push back against this sort of thing? Collectively we build this stuff, we are not 'soldiers following orders' which makes us responsible for what we create.

The current actual use is not relevant. Consent and the possible uses are relevant.

[thdrdt]

I think your comment is unfair.

Every webserver logs the IP address and the URL visited. Do you think most people know this? Do deverlopers push against this?

[kofejnik]

strawman; you visit someone else’s server, and therefore they get data about your visit; with kindle, you’re using your own device and there’s no expectation that amazon will be snooping

[thdrdt]

"you visit someone else’s server, and therefore they get data about your visit"

I don't think the average person knows this. A lot of people even have no clue about internet. So there is no consent most of the time. And we, the developers, just let the logs running.

"with kindle, you’re using your own device and there’s no expectation that amazon will be snooping"

Well I would absolutely have this expectation. I expect a device that is connected to the internet snooping on me. Then there is the Amazon brand. I absolutely don't trust them so I expect them to snoop in me.

But to be clear: I absolutely hate that my privacy is gone. I use all kinds of blockers to disable tracking and I also agree with jacquesm snooping is wrong. But I still think his point is too black and white and therefore unfair.

[ancarda]

>Every webserver logs the IP address and the URL visited.

I maintain a webserver - https://git.sr.ht/~ancarda/tls-redirector - that has no support for logging. If you wanted logs for some reason, you'd need to modify the source code to add that functionality.

Granted, tls-redirector isn't a general purpose webserver, but even in production I tend to turn off logging. I just don't see the need to have logs lying around that I never use.

[jacquesm]

No, not every webserver does. This is something that you could easily configure.

Yes, most people know this by now.

Yes, some developers push against this.

Also: It's the law. Collecting data without consent is not always legal. Whether that particular bit of data rises to the level of requiring consent is left as an exercise for the reader for their particular jurisdiction and industry.

[gizmo]

GDPR actually forces all websites to carefully keep track of what gets logged and for how long these logfiles are retained. So yes, legislators are pushing back against the common practice of logging everything just cause.

[hans_castorp]

> You don't collect data without consent, period.

This.