←back to thread

Analysis of economic and productivity losses caused by cookie banners in Europe

(legiscope.com)
332 points vegasbrianc | 1 comments | 14 Nov 24 22:23 UTC | HN request time: 0.208s | source
Show context
uniqueuid ◴[15 Nov 24 08:34 UTC] No.42144954[source]
I am kind of frustrated by the widespread misunderstandings in this thread.

Laws are best when they are abstract, so that there is no need for frequent updates and they adapt to changing realities. The European "cookie law" does not mandate cookie banners, it mandates informed consent. Companies choose to implement that as a banner.

There is no doubt that the goals set by the law are sensible. It is also not evident that losing time over privacy is so horrible. In fact, when designing a law that enhances consumer rights through informed consent, it is inevitable that this imposes additional time spent on thinking, considering and acting.

It's the whole point, folks! You cannot have an informed case-by-case decision without spending time.

replies(16): >>42145020 #>>42145131 #>>42145155 #>>42145209 #>>42145333 #>>42145656 #>>42145815 #>>42145852 #>>42146272 #>>42146629 #>>42147195 #>>42147452 #>>42147781 #>>42148046 #>>42148053 #>>42150487 #
mpeg ◴[15 Nov 24 08:45 UTC] No.42145020[source]
What I find funny about the whole thing is that the grand majority of companies with cookie banners are not implementing them correctly, and therefore are still in breach of the law.

I see constantly banners on sites that set tracking cookies by default, and delete them if you reject them in the banner (or even worse, not delete them at all!) – this is not compliant as the cookies were set before consent was given

Also see banners where there is only a big "OK" button, with no visible option to reject, this is also not compliant!

replies(5): >>42145538 #>>42146028 #>>42147215 #>>42147228 #>>42150714 #
sourcecodeplz ◴[15 Nov 24 14:25 UTC] No.42147215[source]
Look at how Google does it for Blogger. There is an OK button and a "Learn more" one. There is no reject. Are you saying they are breaking the law? EU would love nothing more than to levy more fines.
replies(4): >>42147234 #>>42149123 #>>42149807 #>>42151826 #
1. atoav ◴[15 Nov 24 19:02 UTC] No.42149807[source]
Yes.

GDPR says on Consent:

> The basic requirements for the effectiveness of a valid legal consent are defined in Article 7 and specified further in recital 32 of the GDPR. Consent must be freely given, specific, informed and unambiguous. In order to obtain freely given consent, it must be given on a voluntary basis. The element “free” implies a real choice by the data subject. Any element of inappropriate pressure or influence which could affect the outcome of that choice renders the consent invalid.

Pretty clear, isn't it?

There have been subsequent rulings stating that not giving a equally styled no/reject option or letting people choose between one yes option and thousand separate no options is already a influence that nullifies consent.

Also specific means you can't just tell them you have to use a cookie for technical reasons and use it for tracking later — they might have given you consent for that cookie for the purpose you told them about, not for the purpose of tracking.

All kinds of actors try to bend the rules here, while the rules are verh clear.