[illiarian]

Funny how you claim to support GDPR but your own site displays a non-compliant cookie banner.

[samtho]

Their cookie banner is provided by a 3rd party and I can’t see how it is non-compliant unless there is something I’m missing.

[capableweb]

Because it's a 3rd party, it cannot be non-compliant?

Seems like it's 1 extra click to disallow compared to allow, so yeah, non-compliant. Should be exactly as easy to say yes as saying no. In this case it's not.

[tiki_ory]

Hey. Ory PM here. Thanks for the info. We fixed the Cookie Banner now. So one click Deny is now possible.

[samtho]

> Because it's a 3rd party, it cannot be non-compliant?

Not at all. My point was that they are not offering that as product.

[pestaa]

Overblown criticism like this give GDPR an undeserved bad rep.

[capableweb]

Either we have regulation and call people out when they don't follow it and hopefully eventually fine them, or we can just skip it all together.

[smolder]

Incorrect implementations give GDPR a bad reputation, though there are worse ones.

[illiarian]

It's not overblown criticism. They advertise their product as GDPR-compliant, and yet their website uses dark patterns to trick people into allowing tracking, and is not GDPR-compliant.

Do I trust them to be as diligent in their product?

And yeah, what gives GDPR bad rep is exactly these kinds of dark patterns and other forms of malicious compliance by non-caring companies.

[illiarian]

It's their choice to chose that banner, and their choice to configure it this way. Most third-party banners are non-compliant, including this one. Which they should know, given that they advertise GDPR compliance for their main product.

The banner should have a Reject All option, preferably as default action.

Also relevant: https://noyb.eu/en/where-did-all-reject-buttons-come