Privacy

42212 readers

715 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

194

Europe’s cookie law messed up the internet. Brussels wants to fix it. (www.politico.eu)

submitted 1 week ago by Zerush@lemmy.ml to c/privacy@lemmy.ml

61 comments fedilink hide all child comments

The European Commission aims to reform the EU's cookie consent rules that have cluttered websites with intrusive banners asking for permission to track user data[^4]. The initiative seeks to streamline data protection while maintaining privacy safeguards through centralized consent mechanisms[^4].

Cookie consent banners emerged from the ePrivacy Directive (Cookie Law) and GDPR requirements, which mandate websites obtain explicit user permission before collecting non-essential data through cookies[^17]. Current rules have led to widespread implementation of pop-up notices that interrupt user experience and often employ confusing interfaces.

The proposed changes reflect growing recognition that the existing approach has "messed up the internet" while failing to provide meaningful privacy protection[^4]. Rather than requiring individual consent on every website, the Commission is exploring solutions like centralized consent management to reduce banner fatigue while preserving user privacy rights.

[^4]: Ground News - Europe's cookie law messed up the internet. Brussels wants to fix it.

[^17]: Transcend - Cookie Consent Banner Best Practices: Optimizing Your Consent Management Experience

you are viewing a single comment's thread
view the rest of the comments

[–] PumpkinSkink@lemmy.world 29 points 1 week ago (1 children)

Just mandate a single button to reject all cookies and that the default be "reject all" if users skip the banner.

[–] Ferk@lemmy.ml 9 points 1 week ago* (last edited 1 week ago) (1 children)

That doesn't work, because rejecting all cookies means it's impossible for the page to remember whether you skipped the banner.. so the result is that the banner will always show.

The real solution would be to have this be a browser / HTML standard. Similar to other permissions managed by the browser (like permission to get camera/mic, permission to send notifications, etc).. then each browser can have a way to respond to these requests for permission that we can more fully control/customize.. with a UI owned by the browser that is consistent across websites and with settings that can be remembered browser-side (so the request can be automatically denied if that's what you want).

[–] RichardDegenne@lemmy.zip 5 points 1 week ago (1 children)

The law only concerns cookies that are not strictly necessary to provide a service.

So the cookie to remember that you denied all non-necessary cookies could be seen as necessary and thus not require your consent.

[–] Ferk@lemmy.ml 1 points 1 week ago* (last edited 6 days ago) (1 children)

@PumpkinSkink@lemmy.world said "reject all", not "reject optional cookies" or "allow essential". If the website offers a "reject all" button (which many do, even if that's not mandated by the law), it actually does reject even the essential cookies. In my experience, the times I've chosen to press such button it always result on the banner showing again if you refresh the page.

And "Could be seen as" is subjective too. They could argue that having the banner, even if inconvenient, does not really break the website. They can also easily argue that since the point of the law was to get them to request consent then they are actually being even safer in terms of compliance by asking more.

Also, I still would rather have the possibility of no banners, not even the first time I open the page. The configuration from the browser following the standard could set a default for all websites and potentially avoid the popup to begin with. Then the responsibility would be with the browser, not the website.

[–] RichardDegenne@lemmy.zip 1 points 6 days ago (1 children)

I still would rather have the possibility of no banners, not even the first time I open the page.

Oh that's entirely possible, even with the current law as it is. All the developer has to do is to stop using cookies for anything that is not related to the functionality of the website.

But of course, the adtech bros won't give up on their precious tracking, so they'd rather try and shift the blame with an empty argument along the lines of "Hey, the bad EU law is forcing us to bother you."

[–] Ferk@lemmy.ml 1 points 6 days ago* (last edited 6 days ago)

Yeah, that's why I'm saying that the current solution does not work. It's why I was proposing a new standard that is enforced by law and that does not depend on subjective definitions of what's "essential" so anyone who does only want to allow certain purposes can opt in/out of certain cookies without the hassle.