Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
bigfudge 5 days ago

Nothing in the law requires the pop up. It definitely doesn’t require the obnoxious bullshit that most companies put up (aka the dark pattern to get you to agree to every unreasonable part of their terms just to read the page).

The alternative would be to just stop invasive tracking and add the cookie when it’s actually needed.

yreg 5 days ago | parent | next [-]

Yet somehow all the government/EU-institution pages I visit also choose to track and throw the popup.

bigfudge 5 days ago | parent [-]

Yes, there's a lot of cargo culting in web development.

Many US based companies also do this for US visitors, which is absolutely not required by the GDPR and related regulations, because they don't apply there.

The law states:

> Receive users’ consent before you use any cookies except strictly necessary cookies.

Strictly necessary:

> These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies.

https://gdpr.eu/cookies/

You don't need consent for MOST reasonable uses of cookies. If compliance theatre wasn't such an industry the web would be a lot tidier and we could stop blaming the EU for implementing important privacy and data controls.

nonethewiser 4 days ago | parent [-]

You're just acknowledging that intent!=effect, which is a primary criticism of these laws.

bigfudge 4 days ago | parent [-]

You’re shifting the goalposts somewhat, but the thing this misses is that the cookie banners are the least important aspect of EU data regulation. The principle of consent and of minimising data held has actually made a substantial different in European firms, mostly for the better.

nonethewiser 4 days ago | parent [-]

I didn't have any initial goalposts. Maybe you are assuming I'm someone else.

I agree with you that cookies banners are used more than legally necessary. They are a consequence of the law nonetheless.

dwaite 5 days ago | parent | prev [-]

The cookie popup also more often than not doesn't satisfy GDPR, since the option to remove consent disappears with the popup. These dark patterns emerged because the GDPR was used selectively as a club rather than properly enforced. That led to what another comment refers to as "compliance theatre" rather than actual corporate compliance.