|
|
|
|
|
|
by ruthmarx
519 days ago
|
|
|
> I can accept that our website visiting patterns, and maybe our specific countries of residence within the EU, expose us to different experiences in this regard. I stand by my statement as a description of my own personal experience, but I'm willing to believe your own personal experience too. I appreciate your attempting to reconcile different anecdotal experiences. In the spirit of objectivity however, I would insist that big businesses are not breaking the law. > The free, informed consent which the letter of GDPR requires according to public and legally binding official interpretations (such as from the European Court of Justice) is not present when those dark patterns make it harder to refuse consent than to grant it. I think here we've shifted the problem to dark patterns. The problem though is with the popups at all, because even when they are compliant, they are no less annoying, just slightly more clear. > The problem in all of these respects is primarily very weak and reluctant official enforcement of the rules by the relevant Data Protection Authorities and very low fines when they do enforce them. They probably shouldn't have claimed global jurisdiction then. Since that's a big part of what has resulted in so many poorly done cookie banners. |
|
|
Take a look at the many GDPR violation complaints which noyb.eu has filed against big businesses, almost all of which they eventually win in court. Yes, many big businesses are in fact breaking the law in this regard.
> I think here we've shifted the problem to dark patterns. The problem though is with the popups at all, because even when they are compliant, they are no less annoying, just slightly more clear.
The truly compliant ones are far less annoying. They all generally need only a single click to refuse consent, and they are also easy enough to ignore while using the site without ever responding to the banner at all.
> They probably shouldn't have claimed global jurisdiction then. Since that's a big part of what has resulted in so many poorly done cookie banners.
It's also essential to actually achieve the goal of protecting the data of people in the EU, much of which is done by companies which are based outside the EU. Do you not see the big truck-sized loopholes which would exist without that? All they would then have to do is change the website's contracting legal entity to a foreign partner or parent company and then they could refuse data subject access requests, track without consent, and so on if the jurisdiction provisions in Article 3 were as narrow as you're advocating.