←back to thread

Internet's biggest annoyance: Cookie laws should target browsers, not websites

(nednex.com)
582 points SweetSoftPillow | 1 comments | 22 Oct 25 12:12 UTC | HN request time: 0.215s | source
Show context
michaelmauderer ◴[22 Oct 25 12:36 UTC] No.45668112[source]
The problem here is not the law, but malicious compliance by websites that don't want to give up tracking.

"Spend Five Minutes in a Menu of Legalese" is not the intended alternative to "Accept All". "Decline All" is! And this is starting to be enforced through the courts, so you're increasingly seeing the "Decline All" option right away. As it should be. https://www.techspot.com/news/108043-german-court-takes-stan...

Of course, also respecting a Do-Not-Track header and avoiding the cookie banner entirely while not tracking the user, would be even better.

replies(27): >>45668188 #>>45668227 #>>45668253 #>>45668318 #>>45668333 #>>45668375 #>>45668478 #>>45668528 #>>45668587 #>>45668695 #>>45668802 #>>45668844 #>>45669149 #>>45669369 #>>45669513 #>>45669674 #>>45670524 #>>45670593 #>>45670822 #>>45670839 #>>45671739 #>>45671750 #>>45673134 #>>45673283 #>>45674480 #>>45675431 #>>45678865 #
itopaloglu83 ◴[22 Oct 25 12:54 UTC] No.45668333[source]
Tracking by default is not an acceptable solution, so I would say respecting the Do-Not-Track header must be mandatory and enforced by laws and percentage of global revenue fines.
replies(2): >>45668525 #>>45668738 #
layer8 ◴[22 Oct 25 13:22 UTC] No.45668738[source]
That wouldn’t help much in terms of annoyance, because you need the option of per-site or per-service opting-in to tracking cookies (like “remember me” checkboxes and similar functionality), and then you can’t really prevent web pages showing a banner offering that opt-in option. It wouldn’t be exactly the same as today’s cookie banners, but websites would made it similarly annoying.
replies(4): >>45668808 #>>45668888 #>>45669555 #>>45669756 #
ajsnigrutin ◴[22 Oct 25 14:19 UTC] No.45669555[source]
In my opinion, it would be best to regulate the browsers themselves... preinstalled browser on a device sold in EU? Cookies are silently stored to a temporary jar, deleted on tab/window close. One jar per domain. Then add a button by the address bar to enable the "I want this site to remember me", and it'll make the cookies from that domain 'permanent' (with an additonal 'advanced' setting if you want to allow 3rd party cookies too or not).

But hey, when the regulators are lawyers who have no idea what cookies and browser are, we get consent forms on every domain visit.

replies(2): >>45670128 #>>45670322 #
1. 1718627440 ◴[22 Oct 25 15:09 UTC] No.45670322[source]
Tracking now happens with fingerprinting, focusing on cookies won't provide a benefit.

> when the regulators are lawyers who have no idea what cookies and browser are, we get consent forms on every domain visit.

In this case the regulators have considered the problem and implemented the law independent of the used technology. The software developers/companies were the clueless/malicious ones here.