[michaelt]

I have a theory that about 97% of developers and managers completed the cookie consent (or whatever) on their own product 5 years ago and hence never see it again, and they have no idea how bad the experience for new customers actually is.

So the developers and bosses all think they're doing a great job and they've got a carefully curated homepage, even though the regular users get a cloudflare captcha, then a cookie modal, then a newsletter modal, then an install-our-app modal, all blocking their access to the 'buy product' button.

[econ]

Best ones, when refusing, ask again on the next page.

Perhaps they don't know what a functional cookie is? Maybe the marketing vocabulary only has YES?

[clear-octopus]

I really don’t understand why the desired cookie behavior could not be set globally for all websites in the browser. Why do I have the accept / reject them on every website and trust the website will actually do what I ask.

[interf4ce]

It can be, see Global Privacy Control [1]. As an example, the Complianz consent plugin for WordPress can detect and respect the user's GPC setting, but that feature can be toggled. So even though this exists, many sites will still ignore it.

1. https://globalprivacycontrol.org/

[jurgenburgen]

> GPC signal not detected.Please download a browser/extension that supports it.

Doesn’t seem to be widely adopted.

[bmn__]

Because society is full of dickheads? In a just world, it would be legal for a policeman to bludgeon anyone who does not respect a user agent's <https://en.wikipedia.org/wiki/Do_Not_Track> setting. Second offence, hang them from the flagpole in front of the parliament building. The problem would disappear over night.

[thechao]

REI threw a dickover on top of my checkout page just before I could pay. Dismissing the dickover cleared the checkout page.

[knollimar]

I've not bought multiple products for that.

Checkout is sacred. Have they not learned from their A/B testing?

[Freak_NL]

They do. Those are designed to make you click 'Oh for fuck's sake. Just set the fucking cookies.'

[urbnspacecowboy]

> Maybe the marketing vocabulary only has YES?

Almost! Your options are "yes" and "maybe later"...

(... and "add yet another custom filter to Ublock Origin".)

[bmn__]

> Almost! Your options are "yes" and "maybe later"...

Ah, rapist mentality. Once you see the pattern…

[JKCalhoun]

I have a theory that they don't care what customers think.

[kcplate]

Oh we care, but when it comes to cookie dickovers, we care more about making the corporate lawyers happy.

I’ll admit that I definitely like collecting my paycheck much more than I worry about customer annoyance at acknowledging a cookie policy. Some hills ain't worth dying on.

[SoftTalker]

Or your company could respect its users and only use cookies for essential site functions. Then you don't need a dickover.

[bombcar]

I like the make the cookie for hiding the dickover be 30-60 minutes in duration for anyone in a company IP address. Own medicine is the best dog food.

[brett-jackson]

The vast majority of users don’t know or care. The ones who do are blocking the cookies anyways. No one wins with these popups (except trial lawyers and sellers of cookie consent SaaS, of course).

[interf4ce]

Protecting forms with reCAPTCHA uses cookies that fall under "marketing" and gathering site stats using Google Analytics uses cookies that fall under "marketing" and "statistics," making a consent banner or dickover pretty much required.

Are these services necessary for a page to work? Not at all, but many businesses consider them crucial. Unprotected public forms almost immediately start getting spammed by bots, burying real, important communications from potential clients. GA offers insight into what visitors to your site are looking for, which has real business value.

I don't like it any more than you do, but I get why businesses would choose to use these. On their end, at least with reCAPTCHA, they're just trying to protect themselves from the complete shitshow that the modern web has become.

[bmn__]

False dichotomy, it's perfectly possible to have protection on a form without dicking over a user's basic right to privacy.

[interf4ce]

I'm very interested in any alternatives you can suggest.

[kcplate]

We wouldn't need a dickover at all if governments didn’t regulate it either.

[happymellon]

Even with the regulations, we don't need a dickover.

The dickover is purely spite from the websites.

[kcplate]

> The dickover is purely spite from the websites.

No, it’s a legal CYA that provides safe harbor in case you are accused of the behavior. If a law says you need to inform, your lawyers will demand you inform even if zero cookies are used on the site.

[xigoi]

But then sites could spy fn users without consent.

[kcplate]

So make it illegal to spy on users…not this “wishy-washy ask for their permission” first. If spying is the crux of the problem why not just solve it?

Instead we are presented with some lukewarm have it both ways BS where the only solution to truly give you safe harbor is present the cookie acknowledgment. Good corporate lawyers will demand the dickover even if you do not use cookies at all just to cover the company’s ass.

[oneeyedpigeon]

> and hence never see it again

This sounds like it would be a better implementation than 99.9% of the dickovers I encounter. Almost always, I dismiss them, then see them again in future. Sometimes with what feels like every site visit.

[bryanrasmussen]

You see them again in the future because you dismissed them, if you do what they want you to do they will never bother you again in case you changed your mind.

[SlightlyLeftPad]

Developers just aren’t good at determining what works best for the user experience. How would designers and PMs justify the hundreds of thousands of hours of combined industry research poured into that beautiful, performant front page design and following modal auto-load?

Please, leave this to the professionals.

[TehShrike]

I suspect many developers know the truth, at least to some degree. Their boss said "it's only one [more] popup, add it anyway."

Repeat ad infinitum

[LeoPanthera]

Always test your website in a private window.

[jerhewet]

uBlock Origin. Right-click, Block Element, click "Create", done.

[happymellon]

I find the scrolling hijack can kick in and I have an unresponsive page unless I disable uBlock, reject cookies, enable to remove all other crap.

[appplication]

No, not done. You then have to do it over and over and over and over on every new website you visit.

[rpdillon]

Enable this instead: https://github.com/uBlockOrigin/uAssets/blob/master/filters/...

[tardedmeme]

I wonder if cloudflare is wise enough to always skip captchas from IP addresses it detects are associated with that website's owners.

[rererereferred]

We use a third party cookie consent service. It shows different things depending on your location (and allows disabling different types of cookies depending on your local laws). Lawyers mandate it. It's easier than having to figure out the laws everywhere on our own. To me it shows a banner that stays out of the way. But I couldn't tell you for sure it doesn't cover the whole page to other people.

[crote]

Have you considered just not violating anyone's privacy?

Cookie banners aren't a force of nature. They are required solely because you want to track people. Not tracking people? No need for a cookie banner!

[threecheese]

Unfortunately you need cookies for any good user analytics; and no, I don’t mean the invasive kind that Marketing put in - I mean the kind which allows you to figure out why your site is broken.

Which ironically are the same tools you’d need to find out if your users are experiencing unintentional dickovers.

[jason_oster]

You don't need tracking cookies to log RED metrics.

[Gormo]

What web developer doesn't regularly test their site in a clean browser session?

[zem]

one of the more memorable stories from the daily wtf was from a dev at a banner ad company who got called into a VP's office and yelled at at great length because some pop-up banner was broken. after investigation it turned out the VP had installed an ad blocker and forgotten about it.

[amarant]

>modal

I think you mean dickover,sir.

[fuzzfactor]

Very accurate terminology for things that are equally as welcome as the developer sending each user a surprise popup pic of their dickover and over again.

Each time they visit the website.

Ad infinitum.

[iknowstuff]

I'd prefer that over cookie/app/newsletter popovers