Hacker News new | ask | show | jobs
by nulbyte 1422 days ago
As I understand it, the GDPR did not make web browsing a worse experience. Rather, folks tasked with compliance at a few companies came up with a horrible solution that probably doesn't actually comply, and everyone started copying it. GDPR requires consent; it doesn't require you to come up with the most obnoxious way to obtain it.
1 comments
jacamera 1422 days ago
Can you think of another way to implement it that wouldn't be just as obnoxious though? I feel like anything that could be perceived as unobtrusive could just as likely be seen as trying to hide or minimize the presence of the banner which might be construed as a violation of the law.

I feel like EU regulators should have worked with web standards committees to add a technical means and requirement to classify cookies. Then browser vendors could allow users to choose which types of cookies they are willing to accept from which websites.

link
nulbyte 1422 days ago
> Can you think of another way to implement it that wouldn't be just as obnoxious though?

A link to a page where visitors can opt-in would work just fine and not be obnoxious. The banners are obnoxious not because it's impossible, but because the very idea of consent goes against the business' goals. Or their just lazy: You don't need PII to track marketing performance, and if you aren't unnecessarily collecting PII, you don't need to ask.

> I feel like EU regulators should have worked with web standards committees to add a technical means and requirement to classify cookies.

Hardly anyone would use it, because most companies aren't seriously interested in getting consent. They are interested in data, and consent is merely a hoop to jump through.

link
haupt 1422 days ago
There's currently hullabaloo regarding the Global Privacy Control HTTP header as a spiritual successor to Do Not Track. It's already enforceable in California under the California Consumer Protection Act and the specification suggests they are also targeting GDPR compliance (although I don't know how close/feasible that is).

If it were to see widespread adoption then all you would have to do is change a setting in your browser.

link