Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
reactordev 3 days ago

Instead of document.cookie consider document.localStorage since there’s verbiage around showing a notice on your site if you use cookies, etc, for tracking purposes. At least with local storage, you aren’t using cookies :P

Tarq0n 3 days ago | parent | next [-]

The law doesn't care whether it's a cookie or an equivalent.

minitech 3 days ago | parent | next [-]

And this cookie isn’t for tracking purposes anyway, so doesn’t require a notice.

dheera 3 days ago | parent | prev [-]

The "law" only applies if you live in the EU anyway.

DocTomoe 3 days ago | parent [-]

See, this is where you are wrong. The law applies if you target people living in the EU (such as using one of the languages spoken within the EU. English applies thanks to Malta and Ireland. So does not explicitly removing tracking from EU IPs).

Whether it is technically enforceable in your particular case may be the question. But historically, it has been enforced outside the EU.

As you live in the Bay Area - the CCPA and the CPRA, which are similar in many ways and seem to require an opt-out mechanism (e.g. if you operate a commercial website with >100k devices accessing it during a year).

Talk to a lawyer, don't take advice from strangers on the internet.

dheera 2 days ago | parent | next [-]

> The law applies if you target people living in the EU

I disagree with this. Tencent WeChat targets the entire world, including people living in the EU. They do not follow GDPR.

Likewise, Facebook targets people living everywhere, including in China. They do not follow Chinese laws.

Hence, China sets up a firewall and blocks Facebook.

EU can set up a firewall too if they don't like something.

"Oh but EU doesn't do firewalls?" Not my problem. Tough luck. China, Iran, Turkey, Indonesia, all did it, you can too if you have beef with foreign websites.

But no, I do not need to follow EU law just because EU users use my thing. It's on them to firewall it if they don't like my website.

> CCPA and the CPRA

This is fine. I live in California, I need to follow California law, and I can choose to live somewhere else if I don't like it. What I'm not okay with is some distant jurisdiction thinking they can make laws that I "need" to follow.

joquarky 2 days ago | parent | prev [-]

I hate the GDPR popups more than the ads because they make no fucking sense.

Why don't we have a browser flag that sends a request header telling the site our preference automatically so we can avoid these popups?

dheera 2 days ago | parent [-]

What's even worse is that I have my browser set to block cookies on ALL sites by default and only enable them for a handful of sites that I login to.

This causes all the stupid GDPR popup sites to not "remember" my preferences because they ironically need to use a cookie to store the preference of declining cookies, so they appear again each time because my browser doesn't store that decline cookie between sessions.

maurycyz 2 days ago | parent | prev | next [-]

Except it's not tracking. Remembering user preferences is the original goal of cookies, and doesn't come with any legal requirements.

The law is (paraphrasing) "You must use cookies or similar to be evil without permission". Advertising companies decided that instead of not being evil, they'd annoy users into giving permission.

account42 2 days ago | parent | prev [-]

How does this nonsense still get repeated in 2025?

2 days ago | parent [-]
[deleted]