Internet's biggest annoyance: Cookie laws should target browsers, not websites

(nednex.com)

582 points SweetSoftPillow | 2 comments | 22 Oct 25 12:12 UTC | HN request time: 0.417s | source

Show context

NegativeK ◴[22 Oct 25 12:29 UTC] No.45668043[source]▶

So why didn't GDPR require Do Not Track to be honored? It was already there, to be expanded on if needed.

But I can't imagine copmanies would want that. They benefit from cookie dialogs fatigue, and for some reason people blame GDPR of all things for surveillance tech being annoying in how they ask for permission.

replies(2): >>45668101 #>>45668156 #

p_l ◴[22 Oct 25 12:39 UTC] No.45668156[source]▶

>>45668043 #

GDPR does not mandate specific technical solutions.

But actually honoring DNT properly would immediately mean no consent banner, but the consent banner is there to fool you into giving up your rights while providing (flimsy) legal cover for the company.

replies(2): >>45668724 #>>45668759 #

1. jeroenhd ◴[22 Oct 25 13:23 UTC] No.45668759[source]▶

>>45668156 #

While this is true, the EU does have a tendency to step in and start enforcing technical requirements if the industry doesn't respond. USB-C, for instance, has been standardised, because attempts to tell the industry "one plug, you people figure out which one" didn't work.

It's still early days for the GDPR (relatively speaking), but I can see the EU enforcing a particular privacy-related mechanism eventually.

It also doesn't help that DNT is just a boolean signal, it doesn't give you the control over your data that the GDPR demands.

replies(1): >>45671114 #

2. p_l ◴[22 Oct 25 15:58 UTC] No.45671114[source]▶

>>45668759 (TP) #

Relatively speaking GDPR at this point is just shy of 30 years old - that's when most of the effective rules came into play.

What changed the most with GDPR is that enforcement now has teeth. Not as big teeth as say, NIS2, which actually has executives more concerned than middle level about being compliant, but still big.

↑