|
|
|
|
|
|
by guitarbill
2066 days ago
|
|
|
Ah yes, a source on the GDPR that has a non-opt-out cookie box. Seems legit. Where this falls down in practice can be clearly seen e.g. from UK's Information Commissioner's Office [0] (despite Brexit still one of the most readable English-language sources of the GDPR): > Consent must be freely given; this means giving people genuine ongoing choice and control over how you use their data. > Consent should be obvious and require a positive action to opt in. Consent requests must be prominent, unbundled from other terms and conditions, concise and easy to understand, and user-friendly. > If you make consent a precondition of a service, it is unlikely to be the most appropriate lawful basis. The way companies really get away with it is that the data protection agencies are understaffed, inundated, focussed on big targets, and the GDPR doesn't allow individuals to file suit. [0] https://ico.org.uk/for-organisations/guide-to-data-protectio... |
|
|