←back to thread

Internet's biggest annoyance: Cookie laws should target browsers, not websites

(nednex.com)
583 points SweetSoftPillow | 4 comments | 22 Oct 25 12:12 UTC | HN request time: 0.209s | source
Show context
michaelmauderer ◴[22 Oct 25 12:36 UTC] No.45668112[source]
The problem here is not the law, but malicious compliance by websites that don't want to give up tracking.

"Spend Five Minutes in a Menu of Legalese" is not the intended alternative to "Accept All". "Decline All" is! And this is starting to be enforced through the courts, so you're increasingly seeing the "Decline All" option right away. As it should be. https://www.techspot.com/news/108043-german-court-takes-stan...

Of course, also respecting a Do-Not-Track header and avoiding the cookie banner entirely while not tracking the user, would be even better.

replies(27): >>45668188 #>>45668227 #>>45668253 #>>45668318 #>>45668333 #>>45668375 #>>45668478 #>>45668528 #>>45668587 #>>45668695 #>>45668802 #>>45668844 #>>45669149 #>>45669369 #>>45669513 #>>45669674 #>>45670524 #>>45670593 #>>45670822 #>>45670839 #>>45671739 #>>45671750 #>>45673134 #>>45673283 #>>45674480 #>>45675431 #>>45678865 #
whywhywhywhy ◴[22 Oct 25 12:58 UTC] No.45668375[source]
The problem is exactly the law then because it was written so incompetently that it left the loopholes to allow websites to try and trick accepting.

Should have been written in the law that it’s a one toggle in browser settings.

If government is going to impose on the internet the least they could do is be competent in what they impose. Not writing laws that waste lifetimes in collective hours a day as every person in Europe deals with multiple of these dialogs a day and thousands a year.

replies(2): >>45668441 #>>45668445 #
1. GJim ◴[22 Oct 25 13:02 UTC] No.45668445[source]
> Should have been written in the law that it’s a one toggle in browser settings.

No!

For crying out loud..... The law says if you want to track me (advertisers take a bow) then in each case, you must have my explicit opt-in permission to do so. And so you should!

Having a browser toggle setting isn't explicit opt-in consent.

replies(2): >>45668692 #>>45668781 #
2. pverheggen ◴[22 Oct 25 13:19 UTC] No.45668692[source]
Maybe not a single browser toggle, but it really should be handled at the browser level. There are browser APIs for opt-ins like your current location, using the camera and microphone - why not one for tracking consent?
replies(1): >>45668963 #
3. wtetzner ◴[22 Oct 25 13:24 UTC] No.45668781[source]
Ideally opt-in would be explicit, but a browser toggle could bypass even showing the opt-in button if the Do-Not-Track header is sent.
4. Nextgrid ◴[22 Oct 25 13:37 UTC] No.45668963[source]
There was Do-Not-Track which is a header that could be set at the browser level: https://en.wikipedia.org/wiki/Do_not_track

And way before that (before spyware became common on the web) there was P3P: https://en.wikipedia.org/wiki/P3P

Now there is Global Privacy Control: https://en.wikipedia.org/wiki/Global_Privacy_Control

The problem isn't technical - the problem is that ultimately spyware operators want to track people so it isn't in their interest to support these solutions and won't do so unless they are forced to. Since enforcement is significantly lacking, operators adopt the pragmatic strategy of non-compliance or pseudo-compliance with the current banners.