Hacker News new | ask | show | jobs
by 1718627440 27 days ago
> 8. When authorities were asked whether they would consider that a banner which does not provide for accept and refuse/reject/not consent options on any layer with a consent button is an infringement of the ePrivacy Directive, a vast majority of authorities considered that the absence of refuse/reject/not consent options on any layer with a consent button of the cookie consent banner is not in line with the requirements for a valid consent and thus constitutes an infringement. Few authorities considered that they cannot retain an infringement in this case as article 5(3) of the ePrivacy Directive does not explicitly mentioned a “reject option” to the deposit of cookies.

https://www.edpb.europa.eu/system/files/2023-01/edpb_2023011...

Also the law doesn't require anything to be done by the user to reject cookies, to begin with, as that is the default state. I often just delete the cookie dialog from the DOM.
2 comments
d1sxeyes 26 days ago
I agree with all the points here, but the task force report is not law, and this is not “clearly stated” (this specific phrase is fine, but the rest of the document is full of disclaimers).

It’s a useful guide on how the law is likely to be interpreted, and likely influences the interpretation itself, but my inner pedant is not satisfied.

link
1718627440 26 days ago
Yeah, it was the closest I could find, but I don't really care that much to search the actual laws. I would expect it to be true, it's basically what you hear in the news and all the advise says that you should do that, when you create a GDPR-compliant website.
link
d1sxeyes 26 days ago
> Yeah, it was the closest I could find

Yeah, me too, which is why I challenged OP on the claim that it's 'clearly stated'.

link
LtWorf 26 days ago
Going in "reading" mode in firefox also works in many cases.
link