←back to thread

Internet's biggest annoyance: Cookie laws should target browsers, not websites

(nednex.com)
583 points SweetSoftPillow | 7 comments | 22 Oct 25 12:12 UTC | HN request time: 0.553s | source | bottom
1. NegativeK ◴[22 Oct 25 12:29 UTC] No.45668043[source]
So why didn't GDPR require Do Not Track to be honored? It was already there, to be expanded on if needed.

But I can't imagine copmanies would want that. They benefit from cookie dialogs fatigue, and for some reason people blame GDPR of all things for surveillance tech being annoying in how they ask for permission.

replies(2): >>45668101 #>>45668156 #
2. shadowgovt ◴[22 Oct 25 12:34 UTC] No.45668101[source]
It is entirely possible the lawmakers who put together GDPR were bad at their jobs and didn't consider better technical solutions.
replies(1): >>45670906 #
3. p_l ◴[22 Oct 25 12:39 UTC] No.45668156[source]
GDPR does not mandate specific technical solutions.

But actually honoring DNT properly would immediately mean no consent banner, but the consent banner is there to fool you into giving up your rights while providing (flimsy) legal cover for the company.

replies(2): >>45668724 #>>45668759 #
4. johannes1234321 ◴[22 Oct 25 13:21 UTC] No.45668724[source]
The banner is also there to make you complain about EU bureaucrats, for having the law changed. And it works: Outrage is often on EU cookie banners, not in people selling our data.
5. jeroenhd ◴[22 Oct 25 13:23 UTC] No.45668759[source]
While this is true, the EU does have a tendency to step in and start enforcing technical requirements if the industry doesn't respond. USB-C, for instance, has been standardised, because attempts to tell the industry "one plug, you people figure out which one" didn't work.

It's still early days for the GDPR (relatively speaking), but I can see the EU enforcing a particular privacy-related mechanism eventually.

It also doesn't help that DNT is just a boolean signal, it doesn't give you the control over your data that the GDPR demands.

replies(1): >>45671114 #
6. kiicia ◴[22 Oct 25 15:45 UTC] No.45670906[source]
gdpr does mandate any technical solution

technical solutions are chosen by companies to have as much dark patterns as possible to force you to consent

companies that want to sell user data are bad guys trying to make gdpr look bad

7. p_l ◴[22 Oct 25 15:58 UTC] No.45671114{3}[source]
Relatively speaking GDPR at this point is just shy of 30 years old - that's when most of the effective rules came into play.

What changed the most with GDPR is that enforcement now has teeth. Not as big teeth as say, NIS2, which actually has executives more concerned than middle level about being compliant, but still big.