←back to thread

332 points vegasbrianc | 1 comments | | HN request time: 0.209s | source
Show context
ryandrake ◴[] No.42142148[source]
People blame the cookie banners themselves or the legislation that "made them necessary" but somehow never seem to blame the web companies for doing the naughty things on their websites that make them subject to the law.

The "cookie banner problem" exists because it's primarily end users that are shouldering the burden of them, and not the companies. For the company, it's a one time JIRA ticket for a junior software engineer to code up a banner. For everyone else, it's thousands of wasted seconds per year. Make the law hit companies where it hurts: their balance sheets.

replies(11): >>42142202 #>>42142212 #>>42142251 #>>42142326 #>>42142345 #>>42142452 #>>42142625 #>>42143095 #>>42143203 #>>42144003 #>>42144503 #
legitster ◴[] No.42142202[source]
> never seem to blame the web companies for doing the naughty things on their websites

Part of the problem is that the law didn't seek to distinguish between tame first-party cookies and the really naughty third-party cookies so the burden is equal regardless of how malicious the service is.

> For the company, it's a one time JIRA ticket for a junior software engineer to code up a banner.

This is actually not true. There's a lot more that goes into a cookie banner than you might realize, and there's now an industry dominated by a small handful of players (Osano vs OneTrust)

replies(7): >>42142217 #>>42142245 #>>42142273 #>>42142291 #>>42142347 #>>42142352 #>>42150500 #
BiteCode_dev ◴[] No.42142347[source]
It totally does make the distinction.

If you use cookies for auth, no need to disclail it.

Better, you don't need a banner even of you do track users for anybody with DNT. So you can offer a seamless experience.

They just don't care.

replies(1): >>42142442 #
1. legitster ◴[] No.42142442[source]
> you don't need a banner even of you do track users for anybody with DNT

This is not true. The specific text of the law requires that websites have to provide details about their cookies, and then document and store user preferences.

If you just honored the DNT, you would still be out of compliance.