←back to thread

332 points vegasbrianc | 1 comments | | HN request time: 0s | source
Show context
ryandrake ◴[] No.42142148[source]
People blame the cookie banners themselves or the legislation that "made them necessary" but somehow never seem to blame the web companies for doing the naughty things on their websites that make them subject to the law.

The "cookie banner problem" exists because it's primarily end users that are shouldering the burden of them, and not the companies. For the company, it's a one time JIRA ticket for a junior software engineer to code up a banner. For everyone else, it's thousands of wasted seconds per year. Make the law hit companies where it hurts: their balance sheets.

replies(11): >>42142202 #>>42142212 #>>42142251 #>>42142326 #>>42142345 #>>42142452 #>>42142625 #>>42143095 #>>42143203 #>>42144003 #>>42144503 #
legitster ◴[] No.42142202[source]
> never seem to blame the web companies for doing the naughty things on their websites

Part of the problem is that the law didn't seek to distinguish between tame first-party cookies and the really naughty third-party cookies so the burden is equal regardless of how malicious the service is.

> For the company, it's a one time JIRA ticket for a junior software engineer to code up a banner.

This is actually not true. There's a lot more that goes into a cookie banner than you might realize, and there's now an industry dominated by a small handful of players (Osano vs OneTrust)

replies(7): >>42142217 #>>42142245 #>>42142273 #>>42142291 #>>42142347 #>>42142352 #>>42150500 #
nicce ◴[] No.42142217[source]
> There's a lot more that goes into a cookie banner than you might realize, and there's now an industry dominated by a small handful of players (Osano vs OneTrust)

Isn't this industry for those, who want to share their website data automatically with 100+ partners? For others, who don't really share that much data with others, less relevant.

replies(1): >>42142312 #
legitster ◴[] No.42142312{3}[source]
If you are just running a static websites, maybe. But if you are going to run a website with any services on it (video content, eCommerce, member management, etc) you are going to have partners. Establishing a browser session with every single one would be pretty onerous (and honestly much worse for privacy) so a first-party cookie is a pretty good compromise.
replies(1): >>42145302 #
1. hnbad ◴[] No.42145302{4}[source]
> But if you are going to run a website with any services on it (video content, eCommerce, member management, etc) you are going to have partners.

No? At least not in the scale that would require these consent services. Services like member management are literally required to operate the website so those can go into the privacy policy (as would e.g. hosting on AWS or using a CDN).

The reason these consent services exist is that a lot of websites are just content mills that operate entire on behavioral advertising, whether it's the web version of a newspaper or just SEO blog spam. These often use hundreds of "partners" for analytics, ads, targeting, re-targeting, etc. And they desperately try to trick visitors into opting into those.

For your run of the mill Wordpress website you can just get a plugin like https://devowl.io/wordpress-real-cookie-banner/ - and in many cases the free version is good enough.