|
| kqvamxurcagg wrote:
| Google of course would have known this UX was likely to be
| illegal but made the decision that any fine would be much less
| than the commercial benefit.
| axg11 wrote:
| It would be fascinating to see the design review document and
| resulting launch metrics for this. Somewhere deep in Google
| there is a written justification for the previous dark pattern.
| tgsovlerkhgsel wrote:
| If the people responsible for the decision listened to the
| lawyers, I doubt there will be any written notes on this...
| robonerd wrote:
| Or they CC'd lawyers in all the discussions, ostensibly to
| receive legal review but actually so they could later try
| to hide those discussions from discovery under the pretext
| of it being privileged attorney-client communication.
|
| _" Google routinely hides emails from litigation by CCing
| attorneys, DOJ alleges"_ https://arstechnica.com/tech-
| policy/2022/03/google-routinely...
| anticensor wrote:
| As soon as you add a third party as a carbon-copy
| recipient, you lose the privacy privilege of the
| attorney-client communication.
| NelsonMinar wrote:
| I've noticed when I go to configure my cookies on European sites,
| most of them default to all the tracking stuff turned off. Is
| that typical? Is it required by the law? They still do everything
| they can in the UI to encourage you to "accept all", but there's
| generally a single button to click to "reject all" and it'd be
| more work to pick and choose.
| U1F984 wrote:
| Yeah, it's a requirement by law, tracking must be disabled
| unless explicitly allowed. Accepting all must be as easy as
| denying. However a lot of sites offer an easy one-click accept
| all and the deny all is behind a two step "configure" +
| "confirm selection", sometimes even with a fake save timer.
| NelsonMinar wrote:
| Thanks! I looked for info on this and failed; is there some
| reference I can share with people about how this part of the
| law works? Maybe it's not completely obvious, apparently
| Google had failed to comply with it.
| matsemann wrote:
| Gdpr article 7 says it should be as easy to withdraw
| consent as to give it.
|
| The rules are pretty straightforward, really, it's just
| Google banking on the fines for not doing it correctly
| would be less than the profit made.
| NelsonMinar wrote:
| Article 7 is pretty non-specific and does not discuss
| defaults. Recital 32, however, is quite specific and
| gives me the answer I was looking for
| https://gdpr.eu/recital-32-conditions-for-consent/
|
| "Consent should be given by a clear affirmative act ...
| Silence, pre-ticked boxes or inactivity should not
| therefore constitute consent."
| zeroz wrote:
| In my opinion the whole 'cookie banner industry' sucks. From a
| customer perspective I'm completely annoyed with different types
| of banners wasting my time with searching the right button,
| waiting because of artificial delays, clicking through layers of
| fake settings to find the reject option and other dark patterns.
| However, from a provider perspective things a not better.
| Unnecessary waste of time and money to look for plugins and
| services to deal with cookie walls to avoid GDPR problems. Best
| thing would be a EU enforcing the use of a standard browser API
| to ask for tracking. Just as simple as asking me if I want to
| share my location or webcam with an option to remember for this
| domain.
| jeroenhd wrote:
| I really want the web browser industry to come together and
| form a new kind of P3P standard, complete with some example
| libraries for people to use on the backend.
|
| Sadly, the browser market is dominated by Google, who has a
| direct interest in tracking people, Apple, who operates in
| proprietary protocols unless they absolutely have to,
| Microsoft, whose stalking exceeds even Google's at this point,
| and then a tiny slither of well-meaning but overall badly-
| managed open source projects.
|
| Relying on the DNT header is difficult as "tracking" can be
| interpreted in a number of ways, especially by the data
| vampires of the advertising industry where they have developed
| many nice words to make their business so sound harmless. We
| need a better protocol, implemented across the board, for this
| to automate away these ridiculous popups. If a sufficiently
| flexible protocol exists, I'm sure it'll be taken up by either
| Europe's DPAs or even new legislation, though existing
| legislation should already be sufficient.
|
| The EU should not, and generally doesn't want to, specify which
| technologies get used because technologies develop faster than
| bureaucracy. The hastily thrown together Brexit accords mention
| Netscape Navigator and ancient, insecure, outdated cryptography
| because they decided to include that in legislation many years
| ago and the accord was just a combination of existing EU and UK
| laws thrown together. We don't want that to happen again,
| especially on a larger scale.
| etotolkoya wrote:
| At least in the past, I remember to see the same youtube
| recommendations even after deleting all cookies etc from the
| browser. So google was fingerprinting you in one way or the
| other. I doubt this changed. So what is the point of not using
| cookies? They are tracking you anyway.
| drdaeman wrote:
| I still don't understand why this is a website thing and not an
| user-agent^W^W webbrowser thing.
|
| EU could have requested browser vendors to implement a mechanism
| to accept or reject cookies. We wouldn't have those oddly
| designed (and infrequently infested with dark patterns in attempt
| to sway users towards accepting everything) bars and popups, and
| it would've been 100% reliable (and even the reject decision
| would be remembered correctly) instead of hoping that website
| actually respects the choice instead of having a banner that does
| absolutely nothing.
| dividedbyzero wrote:
| I wouldn't trust Google with something like this. They might
| just implement it in an almost-correct but useless way in
| Chrome and use their leverage and lawyers to stall for as long
| as possible.
| HWR_14 wrote:
| This sounds an awful lot like the Do Not Track setting in every
| browser.
| drdaeman wrote:
| Yes and no.
|
| "Do Not Track" setting does not do anything but sending a
| header to all websites you visit. Plus, it was blamed to have
| an unfavorable default.
|
| The whole popup mess those days is essentially about those
| facts - there are no easy per-site controls with no default
| state (with a possible default if user consciously and
| explicitly configures their system as "accept all everywhere"
| or "reject all everywhere" - but this can't be out-of-the-
| box). Cookie prompts are just like that: per-site and without
| a default (you have to actively make a decision every time -
| accept or reject).
|
| I'm arguing that it would've been better if all those consent
| prompts would've been unified and a part of browser UI
| (rather than website UI). Because of two reasons: 1) the UI
| and UX would be uniform, consistent, and not prone to design
| whims and dark patterns; and 2) because this way browsers
| would be able to guarantee that the choice is partially
| respected by actually not accepting cookies. DNT header would
| be still needed to tell website to disable server-side
| tracking (and one has to believe that website respects it -
| turning this into a legal matter), but the whole design is
| different.
|
| (Just not like that annoying geolocation or camera popup
| prompts lol. A bar on top of the webpage would've been a sane
| option, I guess.)
| PeterisP wrote:
| Since the law requires it to be opt-in, having Do Not Track
| be the automated default without any prompts is not
| problematic but the whole point of the thing.
| sofixa wrote:
| Because it isn't only about cookies, it's about tracking in
| general.
| drdaeman wrote:
| True. Everyone (myself included) calls this a "cookie popup",
| but it's about tracking. "Do not track" was a better name,
| but otherwise a poor implementation.
|
| I wondered why not make such tracking (or "cookie") prompts a
| part of webbrowser UI, standardized and sure to be compliant.
| With enforcement of what browser can enforce (disabling
| persistent storage), and leaving the rest (e.g. disabling IP-
| address based tracking) to the website.
| sofixa wrote:
| One potential reason is responsibility - if the browser
| just doesn't implement the required UI for that, who would
| be at fault? Would the browser vendor be fined, and for how
| much?
|
| Now it's up to those doing the tracking to tell exactly
| what they collect and who they share it with, and ask for
| permission. If they screw it up, they get fined
| proportionately.
| muhehe wrote:
| Make it opt-in and it's solved. Server doesn't receive
| "yes you can" header because browser didn't implement it?
| Cool, no tracking. Or if there is tracking, website is at
| fault.
| sofixa wrote:
| But it's not "opt in to tracking", it's "do you accept
| that we record X, Y, Z for A, B, C and share it with our
| partners G, F, K?". It's not a yes/no.
| layer8 wrote:
| The legislation doesn't want to require specific technical
| implementations. They want to specify the legal
| requirements as independent as possible from whatever
| underlying technical mechanisms are used. That makes it
| more future-proof and at the same time also simpler than
| having to come up with a technical standard.
| morelisp wrote:
| sofixa's point this isn't really about "cookies" aside, why
| should the state legislate a mostly-well-behaved actor have to
| do additional work to deal with bad actors, instead of (at
| least trying to) addressing the bad actors directly?
|
| HN already whines about how hard GDPR is to comply with, can
| you imagine how bizarro it would be if the EU regulators were
| chasing after Firefox and not Facebook?
| _moof wrote:
| _> why should the state legislate a mostly-well-behaved actor
| have to do additional work to deal with bad actors_
|
| This is pretty much just how regulated industries work. One
| jerk does something shady or dangerous and then everyone else
| has to do extra paperwork and inspections in order to prove
| they aren't doing shady or dangerous things too. It isn't the
| regulator's fault; it's the jerk's fault.
| qeternity wrote:
| Because it's impossible for browsers to know which cookies are
| necessary for functionality, and which are for tracking.
| gaganyaan wrote:
| That doesn't seem like a big issue. Have browsers refuse all
| cookies by default, and let the server send headers that say
| "please allow these cookies, they're actually necessary".
| Browsers can either trust that list, or present it to the
| user and let them decide.
| qeternity wrote:
| > Browsers can either trust that list, or present it to the
| user and let them decide.
|
| This is literally the current system.
| gaganyaan wrote:
| By that I mean that this page would also list a
| "RequiredForBasicFunctionality=true" syntax:
|
| https://developer.mozilla.org/en-
| US/docs/Web/HTTP/Headers/Se...
|
| Or maybe a "Role=Required", "Role=Advertising" sort of
| thing.
|
| I don't see any sort of equivalent of that now.
| watwut wrote:
| That is because cookies dont require any popup and legislation
| does not requires approval for cookies.
|
| It muat specifically be tracking cookie. You can have language
| cookies and what not cookies without any consent.
| kerng wrote:
| Good!
|
| Now can Google please also respect the DNT header and
| automatically reject all cookies if present? That would
| demonstrate real leadership and putting the user experience
| first.
| bouke wrote:
| DNT is dead, sadly.
| LunaSea wrote:
| As soon as user start paying subscription.
| tintedfireglass wrote:
| Only Europe. Sigh.
| jeroenhd wrote:
| Though the current state of the web is depressing, the rise of
| piracy and TOS-breaking VPNs for the general public made it
| quite easy and inconspicuous for people to use VPN services.
|
| You can effectively get the protection of any EU based citizen
| by setting up a VPN with an endpoint in Europe. There are dirt
| cheap options thanks to the man youtube sponsor discounts, and
| there are privacy-first VPN providers like Mullvad who are
| pricier but better if you care about your traffic.
| bongoman37 wrote:
| TaylorAlexander wrote:
| It's so offensive when companies offer the two options "let us
| track you, or: go through this weird menu to disable tracking".
|
| You know wouldn't it just be kind to the user to make it easy to
| go un tracked? Upsetting that they have to be compelled to do it.
| alkonaut wrote:
| Yes and it's also not confirming to the regulations that made
| them add the banner in the first place!
|
| I have no idea why anyone chooses to add a banner and then add
| one that is obviously in violation. Why not then just _not_ add
| one? Is it because these cases are not yet enforced /fined so
| they think "let's put an obnoxious non-compliant one for now,
| so we keep ad revenue, and only switch to a compliant one if we
| are actually sanctioned to do so, or the company across the
| street is fined to oblivion for doing it?"
|
| Anyone here working at a site that did this? Why?
| DangitBobby wrote:
| They probably don't actually realize it's not compliant. They
| just saw everyone else doing it and mindlessly followed the
| herd. Users probably also think they are compliant and blame
| the EU.
| mdaniel wrote:
| Worse, it's actually just a _request_ to disable tracking, just
| like the unsubscribe link is a "if you get around to it in 6-8
| weeks put my address on a do-not-contact list"
|
| Without the very real fear of meaningful fines for tracking
| after rejection, it's just lip service
| Raed667 wrote:
| Still no button in France, any ETA on the release?
|
| https://imgur.com/a/6gQUoBK
| unicornporn wrote:
| Got it in Sweden today.
| kgbcia wrote:
| someone needs to step up to Google on this side of the Atlantic.
| They are constantly in the news regarding their tracking.
| tracking should be off by default. all cookies should be ban
| except session cookies that expire when browser closes. we
| already have saved passwords and logins for browsers
| tgsovlerkhgsel wrote:
| Background (which also explains why it's being rolled out in
| France first):
| https://www.theguardian.com/technology/2022/jan/06/france-fi... -
| on January 6, Google was given 3 months to fix this, with a 100k
| fine for each additional day.
|
| I'm wondering why it took slightly but not significantly more
| than the 3 months. On one hand, adding a button doesn't have to
| take 3 months despite all the necessary reviews etc., not if it's
| actually considered a priority. On the other hand, if the
| benefits were considered worth the fine/fee, you'd expect a
| bigger delay.
| remus wrote:
| Personally I wouldn't read too much in to the timing. Although
| the end result looks small the change affects multiple large
| projects, each with hundreds of millions of users, and likely
| has knock on effects in other parts of google. Sprinkle in a
| bit of legal review + big company bureaucracy and I can easily
| imagine it taking 3 months.
| jeltz wrote:
| Maybe they just wanted some extra time to do A/B tests of
| different layouts.
| layer8 wrote:
| I wonder if they switch the button order for Windows vs. Mac
| users.
| noja wrote:
| > I'm wondering why it took slightly but not significantly more
| than the 3 months
|
| Maybe they planned for 3 months and it took longer?
| leros wrote:
| The company I work at would break if cookies weren't allowed.
| It would be a mad scramble to change many many things to just
| function at all. 3 months seems pretty fast to me to be honest.
| asddubs wrote:
| you don't need to ask permission for functionality cookies,
| only tracking and such
| leros wrote:
| The line is blurry sometimes.
|
| Also there is likely lots of code that would break without
| a tracking cookie passed to it because tons of code is
| written with the assumption the cookie would be there.
| asddubs wrote:
| well, it wasn't just the last 3 months that there was
| supposed to be a way to disable those, just that it has
| to be a single button now (which afaik was previously
| already the case anyway)
| SSLy wrote:
| GDPR is in effect since four years ago. Are your deps
| older than that?
| shadowgovt wrote:
| Most people's deps are older than that. And vast swathes
| of easy-to-use open-source web infra has non-GDPR-
| compliant defaults.
| emdowling wrote:
| I can guarantee that the vast majority of implementation time
| was more likely due to verification and auditing of the
| solution, rather than the solution itself.
| ratww wrote:
| They are definitely already A/B testing this. I'm in Germany
| and sometimes I see the "Decline" button when opening Google in
| an incognito window.
| potatoman22 wrote:
| I wonder what they'd be A/B testing for... which 'Decline'
| button gets the least clicks?
| fistynuts wrote:
| To check it's not broken before they roll it out Europe-
| wide.
| mbesto wrote:
| That's not an A/B test per se, thats a blue/green
| release.
| ratww wrote:
| My guess is they just A/B test everything by default, even
| stuff that's court ordered.
| mattnewton wrote:
| Basically true but not the terms I'd use; they aren't
| really A/B tests but staged rollouts, though the process
| and tooling required is similar. We did staged rollouts
| of _everything_ back when I worked on google search that
| wasn't a trivial bug fix. We'd move it to 1% for a day,
| check metrics, increase to 10%, hold a couple more days
| and check metrics, then to 100%. Very sensitive or risky
| launches might hold at a full 50% for some time. UI
| changes were "dark launched" behind a flag that we
| incrementally flipped on. The reason is that no test
| suite captures reality and this discipline forces you to
| account for easy rollbacks (just turn the flag off) and
| handle "skew" (the case where I user starts a session
| where the flag is off but then starts talking to a
| machine where it is on, or vice/versa). This was in
| addition to the binary that released multiple times a
| week and rolled out slowly over the course of the day,
| and often this happened after multiple versions were
| tested in experiments with statistically significant
| samples.
| robbedpeter wrote:
| Or which version results in the least engagement / fastest
| click. You don't necessarily want to prompt introspection
| about privacy.
| sodality2 wrote:
| This is absolutely true. I took a survey through MTurk
| from Google, from back when they were reworking the "ad"
| icon on search results. They wanted me to quickly select
| the first non-ad, with different "ad" icon styles (same
| color as rest of text, different shapes, etc).
| ______-_-______ wrote:
| They'll gladly pay (maybe) 2 million in fines so that later
| they can pretend complying was extremely difficult for them.
| Drop in the bucket in the long run.
| imajoredinecon wrote:
| The blog post mentions:
|
| > This update meant we needed to re-engineer the way cookies
| work on Google sites, and to make deep, coordinated changes to
| critical Google infrastructure.
| hef19898 wrote:
| That's acknowledgment of the fact that trampling people's
| privacy is Google's business model.
| nerdponx wrote:
| Google has a very strong interest in developing tracking
| techniques that do not require cookies, so they can appear
| to be on the side of the public with respect to privacy,
| while also securing a competitive advantage for tracking in
| a post-cookie world.
| wereHamster wrote:
| No they didn't have to. Rejecting all cookies was possible
| before, it was just hidden behind convoluted and confusing
| menus. To make this functionality available with a single
| click of a button they didn't have to invent any new
| technology or process or backend service. Just move the
| onClick handler to a different HTML element on a different
| page.
| shadowgovt wrote:
| And everyone could build Twitter in a weekend.
|
| Google cookies do not work that way. Ironically, one of the
| challenges is that some of them are firewalled from each
| other so that it's harder to aggregate a holistic picture
| of a user in one location. You know, for privacy reasons.
|
| And not even moving an onClick handler is trivial given the
| layers of abstraction that Google's UIs are built on top
| of.
| zarzavat wrote:
| Submitting a form with toggle controls set to the off
| position is not "building Twitter".
|
| The only reason this would take 3 months rather than a
| few days is if:
|
| A) they were lying before in the old cookie popup
|
| B) they are dragging their feet out of spite
|
| Not sure which is worse honestly.
| Groxx wrote:
| There is also room for C) they had millions of crappy
| partial copies of the same pop-up, much of which had to
| be fixed by hand
| shadowgovt wrote:
| > Submitting a form with toggle controls set to the off
| position is not "building Twitter".
|
| That's also not what "reject all" does.
| jdrc wrote:
| "we will track your ass via other means"
| nicbou wrote:
| LeGiTiMaTe InTeReSt!
| mirntyfirty wrote:
| mwahahahahahah
|
| Yes, now if Android had a button for shutting off telemetry,
| that'd be even better.
| simion314 wrote:
| >"we will track your ass via other means"
|
| GDPR applies even if you use pen and paper, you still need to
| ask for permissions. But in this case it was a dark pattern,
| Google had no choice then to ask for permission but made it
| hard to deny them.
| Tomte wrote:
| No.
|
| "This Regulation applies to the processing of personal data
| wholly or partly by automated means [...]"
|
| Sure, if a machine uses a plotter, but not if a human being
| is writing stuff down.
| PeterisP wrote:
| The [...] you omitted is "and to the processing other than
| by automated means of personal data which form part of a
| filing system or are intended to form part of a filing
| system." - if your company takes notes on your customers
| with pen and paper and puts these notes in a drawer for
| further use in your business processes, GDPR definitely
| does apply.
|
| A random real example is that I used to work in a building
| which had a paper logbook where people sign the time and
| name when taking/returning keys for the meeting rooms. That
| logbook falls under GDPR as it has personally identifiable
| information - there's the legitimate need use case
| justifying it; but if the company suddenly wanted to use
| the stored data for some other purpose, that might be
| restricted.
| dmitriid wrote:
| GDPR is applied to personal data in general. It is "
| _General_ Data Protection Regulation ".
|
| And it states in (15):
|
| --- start quote ---
|
| In order to prevent creating a serious risk of
| circumvention, the protection of natural persons should be
| technologically neutral and should not depend on the
| techniques used. The protection of natural persons should
| apply to the processing of personal data by automated
| means, as well as to manual processing, if the personal
| data are contained or are intended to be contained in a
| filing system
|
| --- end quote ---
|
| And in Article 2, emphasis mine. It also lists what it
| doesn't apply to.
|
| --- start quote ---
|
| 1. This Regulation applies to the processing of personal
| data wholly or partly by automated means _and to the
| processing other than by automated means of personal data
| which form part of a filing system or are intended to form
| part of a filing system_.
|
| 2. This Regulation does not apply to the processing of
| personal data:
|
| (a) in the course of an activity which falls outside the
| scope of Union law;
|
| (b) by the Member States when carrying out activities which
| fall within the scope of Chapter 2 of Title V of the TEU;
|
| (c) by a natural person in the course of a purely personal
| or household activity;
|
| (d) by competent authorities for the purposes of the
| prevention, investigation, detection or prosecution of
| criminal offences or the execution of criminal penalties,
| including the safeguarding against and the prevention of
| threats to public security.
|
| --- end quote ---
|
| And in Article 4. Definitions
|
| --- start quote ---
|
| (2) 'processing' means any operation or set of operations
| which is performed on personal data or on sets of personal
| data, whether or not by automated means, such as
| collection, recording, organisation, structuring, storage,
| adaptation or alteration, retrieval, consultation, use,
| disclosure by transmission, dissemination or otherwise
| making available, alignment or combination, restriction,
| erasure or destruction;
|
| --- end quote ---
| hedora wrote:
| OK, so there's a single button, and if you press it, all Google
| properties will stop tracking you across all sites?
|
| Bulls@#t.
|
| Next they'll be claiming they never monetize user data.
| throwaways85989 wrote:
| These consent forms are such a sabotage on the original idea.
|
| The idea being, as far as i remember, you set your preferences
| once. In a container on your machines under your control.
|
| Then the site and the container negotiate. Either the side is
| willing to accept your preferences - or it denies showing to you
| - or presents you a "negotiated" down version. No clicking. No
| visible banners. No large forms and lawyer legalese.
|
| Just a privacy level setting for the web via standardized API.
| Europe at least tried but dropped the ball.
| alkonaut wrote:
| If the site shows something else (I.e not the service the
| visitor would see if comsenting) then it's in violation?
| okamiueru wrote:
| Does this "reject all" accept the "legitimate uses" which very
| clearly break GDPR?
|
| Most GDPR dialog windows I've encountered have made it harder to
| opt out of what they incorrectly claim to be "legitimate
| interests". According to GDPR, a "legitimate interest" has very
| clear requirements, which are by no means met. This "legitimate
| interests" very often includes things like "creating a
| personalized add profile and tying it to external data lakes and
| devices", which is by no means necessary in order to provide the
| service.
|
| I'm waiting for what has become the de-facto abuse of GDPR to
| have a serious reckoning.
| jeroenhd wrote:
| The legitimate interest ticks are just another way for the scum
| of the web to break the law. I hope the makers of these popups
| will at some point get fined to hell because of their sneaky
| attempts to smuggle tracking into the browsers of people who
| click the "fuck you and fuck your cookies" button.
| Macha wrote:
| The warning shot for "legimate interests" has been fired in the
| IAB Europe lawsuit, in IAB Europe's position as the advertising
| interest body which endorsed it for advertising uses:
| https://iapp.org/news/a/belgian-dpa-fines-iab-europe-250k-eu...
|
| I assume if France was breathing down Google's neck in the
| design of this feature (or as Google puts it "Providing
| specific direction"), I assume this does not have legitimate
| interest bullshit.
| fallingknife wrote:
| martin_a wrote:
| Somewhat ironic that the cookie banner of theverge.com is using
| the same tactics/patterns (or even worse, according to UBlock
| Origin) that Google was fined for.
| ckastner wrote:
| What an amazing win for Europe, and the GDPR.
|
| This isn't about just the button. Until a few years, "you're not
| the customer; you're the product" was the norm for a typical
| user's interaction with the internet, and they were powerless to
| change that.
|
| Then the GDPR came along, declaring that users have fundamental
| right to their data, and as such, they no longer can be forced to
| be "the product" without their consent. One of its most
| empowering rules, however, is in Article 7 (4):
|
| _" When assessing whether consent is freely given, utmost
| account shall be taken of whether, inter alia, the performance of
| a contract, including the provision of a service, is conditional
| on consent to the processing of personal data that is not
| necessary for the performance of that contract."_
|
| So consent must be (1) freely given, and (2) it's not free if
| you're blocking access to service A by requiring consent for
| service B, when B is unnecessary for performing A.
|
| Hence, a search engine cannot force you to consent to tracking
| for advertising purposes, because technically, the search engine
| doesn't need it.
|
| So how can the search engine make money? One popular way that has
| already been ruled as legal is to offer two plans: a paid plan
| with no ads and tracking, or a free plan with ads and tracking
| (in essence, it's a paid plan and you're paying for it with
| tracking).
| jsnell wrote:
| > One popular way that has already been ruled as legal is to
| offer two plans: a paid plan with no ads and tracking, or a
| free plan with ads and tracking (in essence, it's a paid plan
| and you're paying for it with tracking).
|
| Where has that been ruled legal, and do you have a link to the
| ruling? I've only seen German newspapers do this, so my
| assumption has been that it's just the German authorities
| turning a blind eye to it. If it's really a legit option, it
| seems like a miracle that nobody else is using this.
| ckastner wrote:
| > _Where has that been ruled legal, and do you have a link to
| the ruling?_
|
| This was communicated to me by a law firm specializing this
| area. This was with regards to the newspaper
| "derstandard.at".
|
| Here's a source in German which includes the ruling as a PDF
| [1].
|
| I see that in the meantime, this "pay or okay" model has been
| questioned again, but in any case, a ruling exists. And, as I
| was told, the national DPAs don't just rule as they see fit,
| but rather coordinate with other DPAs, in order to harmonize
| the enforcement across the EU.
|
| [1] https://www.dataprotect.at/2018/12/07/payortrack-die-
| entsche...
|
| > _If it 's really a legit option, it seems like a miracle
| that nobody else is using this._
|
| None of the big sites are using it because it's frequently
| far more profitable to track people. Just look at various
| revenue-per-user stats.
|
| And the users most willing to spend money for no-tracking
| tend to be the users who also spend money on other things, so
| their the users you'd want to advertise to the most.
| mrmr1993 wrote:
| The UK's ICO took a different stance[0] when the Washington
| Post tried to do this a few years back. For companies that
| want to do business in the UK, it probably makes sense to
| follow that more conservative decision.
|
| The decision that you link also seems very much at-odds
| with the text of the GDPR (in both the German and English
| versions):
|
| > (42) Consent should not be regarded as freely given if
| the data subject has no genuine or free choice or is unable
| to refuse or withdraw consent without detriment.
|
| Interestingly, the decision that you linked prefers to rely
| on the case law of the data protection authority when
| interpreting the question of consent, in particular
| referring to rulings that predate the GDPR, despite its
| refinement of the concept of consent. It also focuses upon
| 'wesentlicher Nachteil' (significant detriment) where the
| original text of the GDPR prohibits just 'Nachteil'
| detriment. I find these choices rather suspicious, and
| wouldn't be comfortable with relying on them holding if
| challenged in other EU states.
|
| [0]:
| https://www.theregister.com/2018/11/19/ico_washington_post/
| qeternity wrote:
| > and they were powerless to change that.
|
| Don't use the service.
|
| > they no longer can be forced to be "the product" without
| their consent.
|
| Don't use the service.
|
| > when B is unnecessary for performing A.
|
| Technically unnecessary, the same way that the existence of
| goods in a shop is not dependent on whether or not I pay for
| them. But it sure has hell is necessary for the shop to keep
| functioning.
|
| The overwhelming majority of people are happy to sell their
| data for free services. How many Facebook movies need to be
| made before people are convinced that 1) the average person
| knows they are being tracked and 2) they would still rather be
| tracked than pay.
|
| I mean ffs, Netflix is about to roll out an ad supported plan.
| The average person does not value their privacy nearly as much
| as the outraged HN'er would believe.
|
| Bring on the downvotes.
| alkonaut wrote:
| The whole idea of the law (at least as I see it) is to state
| that companies shouldn't be allowed to trade in people's
| information unless both parties of the transaction know
| exactly what the transaction is. And that means even people
| who don't care.
|
| That basically means the business model "give people a
| service in exchange for personal info they _think_ they don't
| mind sharing" isn't ok.
|
| It also, by extension, means that you are telling consenting
| people that some agreements aren't ok for them to enter into.
| Which is also fine.
|
| > The average person does not value their privacy nearly as
| much as the outraged HN'er would believe.
|
| I think you have it backwards. Regulation is needed _because_
| people don't care. Not the other way around.
|
| Seat belt laws are there because people don't care about
| personal safety enough.
| Nextgrid wrote:
| > Don't use the service.
|
| This is fine if:
|
| 1) The true extent of the tracking was disclosed. Before the
| GDPR that wasn't the case.
|
| 2) In practice, this only works for small services with lots
| of competition. For services which have a monopoly and/or
| oligopoly (and _all_ of them are equally bad), this isn 't a
| solution.
|
| Maybe the GDPR can be relaxed in a few years/decades after
| other regulations against monopolies take effect or the
| monopoly/oligopoly problem self-resolves, but in the meantime
| I think the current state of the GDPR is valuable.
| dmitriid wrote:
| > So how can the search engine make money? One popular way that
| has already been ruled as legal is to offer two plans: a paid
| plan with no ads and tracking, or a free plan with ads and
| tracking (in essence, it's a paid plan and you're paying for it
| with tracking).
|
| Google search was likely profitable with keyword ads long
| before any tracking was involved.
| Terry_Roll wrote:
| I saw this the other day on youtube, it appeared, saw the middle
| Reject All button, clicked it, closed and reset the browser,
| tried again and it didnt appear!
|
| Were they testing bots?!?
|
| Regarding the Reject All button, its about bloody time, these
| tech giants have plenty of other surveillance methods at their
| disposal if they want to go down that creepy criminal online
| stalking route, exploiting people's lack of knowledge to make
| sure shareholders and employees are getting their top dollar.
| aembleton wrote:
| They're probably a/b testing it
| Terry_Roll wrote:
| No there is more surveillance than meets the eye and more
| hacking in plain site than most people realise, after all
| when is a company not organised crime?
| blue_box wrote:
| I'm hoping that Apple will bring this reject all tracking cookies
| option to Safari so websites read that instead of asking all the
| time.
| axg11 wrote:
| Cookies are just completely broken. The EU should never have
| got involved in the way that it did. No matter how positive the
| intentions, the web is a worse experience as a result, with
| marginal privacy gains.
| dmitriid wrote:
| > the web is a worse experience as a result, with marginal
| privacy gains.
|
| The web is a worse experience because of companies like
| Google and IAB _willingly breaking the law_. But sure, blame
| the law.
| hedora wrote:
| I'm really hoping Do Not Track becomes legally binding.
| (Also, how is it not already treated like a piece of a
| contract negotiation? It is machine readable and sent on
| every request. Hidden website EULA's are already treated
| like contracts.)
| dmitriid wrote:
| DNT is deprecated and now removed from all browsers
| because it was ironically used for fingerprinting and
| tracking.
| nofunsir wrote:
| We.don't.care.about.experience.
|
| We care about privacy.
|
| I would rather use Lynx than any more creepy JavaScript.
|
| When I want "experience" --- a concept I loathe because it is
| a euphemism in all senses, and somehow arrogant and naive at
| the same time. --- that is the role of a desktop program. And
| it better ask me and inform me whenever it wants to perform a
| network request.
| zasdffaa wrote:
| > Cookies are just completely broken
|
| In what way?
|
| > The EU should never have got involved in the way that it
| did
|
| Maybe, can you explain where it failed.
|
| > the web is a worse experience as a result
|
| That's debatable
|
| > with marginal privacy gains
|
| can you quantify that?
|
| Myself, I turn off all JS and nix all cookies (with about the
| only temporary exceptions being for posting on HN). WFM.
| Jon_Lowtek wrote:
| The focus on cookies was always a bit off and more a result
| of too much technical detail resulting in laws missing their
| intent. The legislative moves slowly, over time, this will be
| fixed. However the legislative regulating how webservices
| have to handle data privacy was very necessary (and the
| people of the USA should really consider amending their
| constitution by also demanding a basic human right to data
| privacy). The key elements are "informed choice" and "consent
| to data gathering/processing" which have little to do with
| cookies. Let's say you buy a smartphone from china and it
| comes with a keyboard app that sends all your inputs to a
| chinese company so they can make predictions and offer
| autocompletion. You kind of want that app to display a banner
| asking you if that is okay. And you kind of want a privacy
| policy attached that explains they will create user specific
| profiles and sell them to advertisers and share them with the
| chinese ministry of state security. I think you want that
| banner. Now google analytics isn't much different. It tracks
| you all over the web, creates profiles of your browsing
| habits, sells those to advertisers and shares them with the
| american national security agency. Sure it also shows
| statistics to the website owners, the same way that keyboard
| app has an autocomplete function, but you kind of want to be
| informed about those other functions and have the option to
| say no, don't you? That is why 'consent management' is so
| important for data privacy.
| kemayo wrote:
| I use a Safari extension for that: https://www.super-agent.com
| SebastianKra wrote:
| I've seen them before. Do you have any idea what their game
| is?
|
| They claim to be completely free and completely privacy
| respecting. No mention of a business model.
|
| Do they hope to make some deal with advertisers later on?
| jpalomaki wrote:
| "We make money by selling a snippet of code to websites
| that integrates with Super Agent. Essentially, websites can
| have a JS snippet unique to them so that when a user with
| Super Agent visits, cookie preferences are applied
| automatically without having to ask anything."
| https://www.super-agent.com/faq
| JadeNB wrote:
| We've already encountered that with "Do Not Track"--as soon as
| you have anything that _doesn 't_ require user intervention,
| websites start arguing that it doesn't reflect the users'
| intention, and so they have to protect us from the nasty
| browsers by tracking us.
| guiambros wrote:
| To be fair, the DNT launch was botched from the beginning,
| starting more as hack than an industry-wide consensus [1].
| While it eventually got implemented by browsers, it lacked
| adoption, and had risks with fingerprinting [2]. The nail in
| the coffin was when Internet Explorer 10 decided to enable it
| by default [3], completely disregarding user intent.
|
| [1] http://paranoia.dubfire.net/2011/01/history-of-do-not-
| track-...
|
| [2] https://www.macworld.com/article/232426/apple-safari-
| removin...
|
| [3] https://en.wikipedia.org/wiki/Do_Not_Track#Internet_Explo
| rer...
| nfoz wrote:
| "Do not track me" IS the reasonable default expectation of
| user intent, to be fair.
| Macha wrote:
| And is what the GDPR is trying to establish as the legal
| baseline, though things are moving slowly (this article
| is showing they _are_ moving though)
| ahtihn wrote:
| > The nail in the coffin was when Internet Explorer 10
| decided to enable it by default [3], completely
| disregarding user intent.
|
| User intent? Really? Because user intent is to allow
| tracking by default?
| Sargos wrote:
| Certainly not at the near 100% level that the default
| setting suggests. Microsoft poisoned the well with DNT
| and worsened privacy on the web for everyone.
| JadeNB wrote:
| I can believe that there are some people who don't _care_
| if they 're tracked, but do you believe that there's
| anyone who _wants_ to be tracked?
|
| Maybe someone out there somewhere does, but surely such
| people, who actively _want_ to be tracked, are in the
| distinctly small minority. In that case, why should the
| onus be on everyone _else_ to communicate their intent,
| rather than on the few users affected to communicate
| _their_ intent?
| Sargos wrote:
| >why should the onus be on everyone else to communicate
| their intent, rather than on the few users affected to
| communicate their intent?
|
| Because this effectively bans any kind of tracking
| cookies which, while most are kind of awful, there are
| legitimate reasons for their existence. Shifting the
| conversation from a user choice to an effective ban is a
| completely different conversation with pros and cons that
| must be considered separately.
| scarface74 wrote:
| So because of the government, I now have to deal with a clearer
| obtrusive cookie banner all over the internet...
|
| Thanks????
|
| Where would we be without big government? It definitely made the
| internet a much better experience.
|
| Next law they are probably going to try to pass is force all app
| makers to use cross platform frameworks like Electron to prevent
| monopoles.
| hddherman wrote:
| Cookie banners only exist because websites want to collect data
| and track users. The banner is a symptom of the real issue,
| which is what the regulation aims to fix.
| scarface74 wrote:
| So the regulation both didn't fix the issue and made the user
| experience worse...
| tjoff wrote:
| The linked source: https://blog.google/around-the-globe/google-
| europe/new-cooki...
|
| It is "funny" reading that, the amount of energy they spend to be
| illegal but only just so that they can squeeze as much dark
| patterns on their users before they get a fine. Rinse and repeat.
|
| For normal companies / webmasters it is quite simple though. You
| don't have anything to gain from extorting your users. So please
| respect your users instead.
|
| Don't use shady practices that require you to bring up a cookie-
| banner in the first place. Just don't.
| nicbou wrote:
| Shady practices like knowing how many visitors you get on your
| website?
|
| Don't get me wrong, there's the excellent Plausible for that,
| but collecting usage statistics is far from shady.
| matheusmoreira wrote:
| > Shady practices like knowing how many visitors you get on
| your website?
|
| Exactly. Web masters aren't entitled to that information.
|
| > collecting usage statistics is far from shady
|
| I don't want to be part of any of your statistics. I'm not
| some human test subject you get to study without my informed
| consent.
| shadowgovt wrote:
| But you are a stranger logging onto my public servers
| without _my_ explicit consent.
|
| Where's my vested interest as server owner in knowing
| something about who is exfiltrating my data?
| nicbou wrote:
| Totally fair, but it's still not shady
| aaomidi wrote:
| You can do this without tracking cookies.
|
| Literally your access logs will give you this information.
| mdoms wrote:
| A huge number of website operators either don't have access
| to these logs or wouldn't know how to access them. And even
| given access, grep'ing a log file gives you far less rich
| information than a Google Analytics dashboard.
| heftig wrote:
| I think access logs as generated by most web servers
| require a GDPR notice to be compliant, as IP addresses are
| considered personal information.
| ghusto wrote:
| Not sure, but I don't think so. I think it's only if that
| site itself can link the IP to a name / user. For
| example, storing all the real world addresses in the
| world doesn't require a GDPR notice, but they're all
| related to people.
| aidanlister wrote:
| That'll give you visits, not uniques.
| hedora wrote:
| Yes. One of those things is legal to track without
| permission. The other isn't.
| philistine wrote:
| uniques is such a misnomer; let me switch to my phone ...
| oups I'm a second unique visitor.
| minusf wrote:
| it all depends on if you are a logged in user with a
| session or not. you can login to an account from any
| number of devices but you are still only one user in the
| metrics.
| rndgermandude wrote:
| You could just do "Set-Cookie: visited=true; Max-
| Age=". No unique id, but you still can count
| uniques by checking requests for the lack of that cookie.
| This cookie is not personal information, and cannot be
| used to identify a person, not even indirectly, and thus
| needs no consent. This is basically what most those
| "cookie banners" do anyway, set a preferences cookie -
| that cannot be linked back to a person, if done properly.
|
| Or if you want to avoid the cookie altogether, you could
| use some static, cachable resource with a cache
| expiration date. Basically the good old counting pixel.
| Almost the same as the non-identifying cookie, except
| caches are more likely to be automatically evicted by
| browsers.
| candiodari wrote:
| The only thing that matters about cookies is whether they
| are necessary, not whether they contain identifying
| information. Even duration doesn't matter. They should be
| explained to the user, but consent is not necessary.
|
| Some cookies are even mentioned specifically as allowed.
| The example given is keeping track of a shopping cart
| across visits. Do that, and you have your uniques. While
| hinted at, it does not specifically mention those have to
| be session cookies: you could have a banner with "accept
| cookies", then use session cookies whether or not accept
| is pressed. It even seems to be common practice to hide
| explanations behind a "more info" button.
|
| https://www.privacypolicies.com/blog/eu-cookies-
| directive/
|
| I'm pretty sure "uniques" stats don't require you to
| violate the EU cookie directive.
| rndgermandude wrote:
| >The only thing that matters about cookies is whether
| they are necessary, not whether they contain identifying
| information.
|
| Incorrect, kinda.
|
| The GDPR concerns personal information, and information
| that can identify people directly (e.g. location data) or
| indirectly (e.g. an "opaque" unique id, as it can be
| potentially linked back to a person, or an IP address, as
| it can be potentially linked back to a person, with the
| help of a court order compelling an ISP to pass through
| subscriber information to a complainant or law
| enforcement, and that subscriber may live alone).[0] The
| GDPR does not concern itself with stuff that cannot be
| used to identify a person or is personal data.
|
| The earlier ePrivacy Directive (better known as the
| "cookie law", although the section concerning "cookies"
| is only a small part, and does not even mention cookies
| explicitly) is a vague thing, on the other hand.
|
| Specifically, it says under "Art 5 - Confidentially of
| communications" that
|
| "Member States shall ensure that the storing of
| information, or the gaining of access to information
| already stored, in the terminal equipment of a subscriber
| or user is only allowed on condition that the subscriber
| or user concerned has given his or her consent, having
| been provided with clear and comprehensive information,
| in accordance with Directive 95/46/EC, inter alia, about
| the purposes of the processing. This shall not prevent
| any technical storage or access for the sole purpose of
| carrying out the transmission of a communication over an
| electronic communications network, or as strictly
| necessary in order for the provider of an information
| society service explicitly requested by the subscriber or
| user to provide the service."
|
| Some people therefore say this rules out all
| non-"necessary" cookies (unless there is explicit
| consent). However, this is not the intention of the
| directive, not how legal experts evaluated it, not how
| courts in particular evaluated it. If you followed that
| maximal view of the text, then you couldn't legally serve
| anything to a user (as the users browser might
| temporarily or permanently store that information without
| user-intervention), cannot "make" a browser cache stuff,
| cannot even store that a user opted against tracking
| cookies. Instead, it has to be seen in under the
| "confidentiality" umbrella of that Article, meaning the
| "information" mentioned has to be information that
| concerns the user. Non-identifying (neither direct or
| indirect) cookies do not fit that interpretation, and
| courts have acknowledged that (and because it's the EU
| and it's vast, some courts went against it too).
|
| The proposed ePrivacy Regulation (successor to the
| ePrivacy Directive) is meant to make things less vague
| and simpler, especially in regards to cookies, and
| explicitly allows anonymous user counting via cookies,
| among other things. While the ePR has not passed, courts
| did take notice, and consider it whe they evaluate the
| intent of the law makers as it pertains to the still
| reigning ePrivacy Directive.
|
| >They should be explained to the user, but consent is not
| necessary.
|
| Correct. You still have to inform people, even if your
| cookie use is merely "we do not use cookies to track or
| identify users".
|
| Maybe surprisingly to some, the aforementioned access
| logs up thread, are likely illegal without user consent,
| because usually they contain IP addresses of users. While
| the "visited=true" non-identifying cookie is not (in
| courts with reasonably knowledgeable judges at least).
|
| [0] https://gdpr.eu/recital-30-online-identifiers-for-
| profiling-...
|
| Yes, it's not the official website, but also yes, it's
| the same text of the official directive recitals, except
| on this unofficial website you can properly link it
| without fuss.
| nikeee wrote:
| They certainly can provide uniqueness to some degree.
| GoatCounter [1] does that.
|
| [1]: https://www.goatcounter.com
| kenniskrag wrote:
| they do not have a kpi on "how long stayed the visitor on
| the page"
| nikeee wrote:
| Sadly no, but that's a different KPI than "how many
| visitors you get on your website".
| ghusto wrote:
| They don't, no. If optimising for that kind of thing is
| necessary for a business, then that business is in my
| opinion one that can go away.
|
| It's like how search results are almost entirely rubbish
| now, because things are optimised for what Google looks
| for. So similarly, I have no sympathy for sites that need
| that kind of analytics.
| minusf wrote:
| it's quite trivial to create a breadcrumbs system which
| tracks in the logs a logged in user/session in an app
| with services like sentry.io
| nicbou wrote:
| Don't forget that the internet is full of websites that
| aren't owned by HN users. People used to just slap Google
| Analytics on there and call it a day.
|
| Again, nothing shady, just bad practices. A bit like
| putting everyone in CC instead of BCC.
|
| Besides, there's only so much you can do with backend logs.
| It doesn't work so well for small but meaningful frontend
| interactions, user flows and the like.
|
| I certainly need some sort of stats to operate my website,
| although I don't need nearly as much info as GA collects.
|
| Also a nitpick: the GDPR is about collecting data, not
| setting cookies
| ghusto wrote:
| I have that information, I don't need cookies for it, and
| neither does anyone else.
|
| I don't know why this (false) use case gets banded about so
| much, but my gods does it annoy me.
| ec109685 wrote:
| How can you measure unique users if they are using Apple's
| PrivateRelay?
| stingraycharles wrote:
| Reliably identifying a (unique) visitor is pretty difficult
| using ip logs, though.
|
| Cookies generally make this much easier, at the very least
| identifying a visit.
|
| With ip logs, you're not just dealing with the fact that IP
| addresses are often shared between people (eg behind a
| NAT), you now _also_ need to record IP addresses, which
| arguably is an even bigger privacy violation than just
| using cookies.
|
| I'm not saying that one method is always better than the
| other, but it's definitely not as black-and-white as you
| make it out to be.
| tjoff wrote:
| Why do you think you need to uniquely identify all your
| visitors?
|
| Is that truly worth ruining your website and annoy your
| users to start?
|
| There are very few things in life that are truly as black
| and white as this.
| shadowgovt wrote:
| > Why do you think you need to uniquely identify all your
| visitors?
|
| Why would I _not?_ A brick-and-mortar store can tell when
| the same person walks in twice; it 's easy to imagine
| webmasters wanting that too (to stay noting of having a
| chance of distinguishing real people from bots and
| scrapers).
| kevin_thibedeau wrote:
| Publucations, radio, and TV were profitable without
| identifying unique users. Why does a website require
| this?
| QuikAccount wrote:
| Nielsen ratings would disagree with this.
| IanCal wrote:
| I think that's a disingenuous reading.
|
| Nielsen ratings are for small subsets of users who
| explicitly opt in to tracking. That's not the same as
| "uniquely identify all end users of my website" it's like
| paying user testers.
| scarface74 wrote:
| Nielsen tried it's best to get a demographically
| representative sample of households. It wasn't purely a
| self selected sample. I doubt people were incentivized by
| the $5 they put in envelopes.
| IanCal wrote:
| I didn't say self selected, I said opt in.
| scarface74 wrote:
| In addition to the sibling poster's comment, publications
| had data on what parts of town and stores sold their
| publications at newsstands and the names and addresses of
| subscribers.
|
| Before you could get free publications like MacWeek, you
| had to fill out demographic data to qualify.
| godelski wrote:
| How fine grained detail do you actually need? I can't see
| how knowing if one person or two people in a house
| visited you're site helps. They could have easily just
| switched to their phone.
|
| For logging, just hash it with a salt.
| tantalor wrote:
| > just hash it with a salt
|
| This would not satisfy privacy maximalists because you
| can easily unmask users later.
| davidmurdoch wrote:
| Hashing is borderline PII since you can feasibly reverse
| it to a unique IP, unless you use a slow hashing function
| like bcrypt.
| baltbalt wrote:
| A single user may use different cookies depending on the
| device they use so either way it's unreliable.
| Puts wrote:
| Or like all of us who delete all cookies automatically
| when closing the browser.
| chimeracoder wrote:
| > Reliably identifying a (unique) visitor is pretty
| difficult using ip logs, though.
|
| > Cookies generally make this much easier, at the very
| least identifying a visit.
|
| You don't actually need cookies to reliably identify
| unique users. Browser fingerprinting is very identifiable
| and difficult to obscure.
|
| https://coveryourtracks.eff.org/
| __turbobrew__ wrote:
| Yea on top of that you can fingerprint the TCP/IP/TLS
| settings of the user's connection as an additional point
| of data: https://nmap.org/book/osdetect-fingerprint-
| format.html. My gut feel is that browser+tcp+ip+tls
| fingerprinting can get you pretty damn close to uniquely
| identifying users without needing cookies.
| minusf wrote:
| if it was that effective, why wouldn't just google switch
| to it and stop wasting money on ideas like FLoC, and
| ditch 3rd party cookies?
| chimeracoder wrote:
| > if it was that effective, why wouldn't just google
| switch to it and stop wasting money on ideas like FLoC,
| and ditch 3rd party cookies?
|
| First, I would be shocked if Google isn't using
| fingerprinting data in conjunction with cookies.
|
| But also, this comment misunderstands what FLoC was. FLoC
| was, at least in theory, an attempt to get the benefits
| of targeted advertising _without_ uniquely identifying
| users. That 's what the "C" in FLoC refers to - users
| aren't targeted individually, but rather by the cohort
| they belong to.
|
| FLoC unfortunately had many issues, one of which is that
| there were concerns that the cohorts were too granular
| and could still effectively denanonymize users. There's
| some research indicating that this was the case - FLoC
| cohorts revealed more info than they intended to, but
| also still less than individualized profiles do.
|
| The stated goal of FLoC was actually more privacy-focused
| than the status quo (individualized profiles).
| Unfortunately, that's not what ended up happening - or at
| least, the general public didn't trust that it was.
| minusf wrote:
| fingerprinting probably brings in more identifyable bits,
| but without the cookies it would not be commercially
| reliable data to determine uniqueness.
|
| i am aware what FLoC was and tried to be. it was a
| horrible idea with it's default optin putting onus on
| website operators to add headers to opt-out from a mass
| survelience exercise generating money for the
| surveillance capitalists.
| throwaway5371 wrote:
| you can do that without selling out your users
| nicbou wrote:
| Yep, and we clever HN people know that. But the web isn't
| all clever hackers. There are lots of small businesses with
| WordPress websites who just want to see a graph on a page.
| They will keep adding cookie banner plugins so long as they
| can keep seeing that graph.
|
| I switched to plausible because the added privacy is also a
| major UX benefit: there's no GDPR banner on my website.
| belorn wrote:
| I would claim, based exclusively on experience, that most
| small businesses websites are built by web design
| companies. It is people working in the web shop industry
| that make decision about build tools.
|
| Also in my experience, there isn't usually a GDPR banner
| on small businesses websites built on wordpress. A
| pizzeria, barber, local grocery store, or some other
| small businesses don't really have or need much on their
| website. A few images, a page for location/contact, a
| page about the employees/founders, and for the more
| advanced ones a web shop. No GDPR needed for any of that,
| and for those web shops, once a person is registered all
| the consent are usually given as part of the registration
| processing.
|
| The typical model that I see for small businesses is also
| one where no one need or want a graph over visitors. The
| customer pay the web shops a one-time fee to build the
| site, and then it mostly sits there until the customer
| decide to build a completely new website because the old
| one is getting too old. No A-B testing, no optimization
| for user retention, no frontend interactions, no user
| flows. Mostly all the customer want is to not be paying a
| web developer any more money. This is why some shops will
| utilize "proprietary modules" in order to keep the
| customer on their (usually partners) servers, in case the
| customer might get ideas of moving the site to a
| better/cheaper hosting provider.
|
| The most common situation that I know of when people are
| requesting visitor graphs is either when customer apply
| an marketing campaign and want to see the effect on their
| website, or when a conglomerate has acquired a bunch of
| smaller companies and want to make decision about closing
| down/merging specific website. In those cases the
| analytics usually get added when that need arrive.
| passivate wrote:
| My guess is Google would fire their own employees if they
| started making a list of co-workers habits/interests.
| samizdis wrote:
| > Shady practices like knowing how many visitors you get on
| your website?
|
| Perhaps I am taking that statement too literally, but in the
| last century I could just look at my server logs to find out
| how many, from which IP addresses, and the referrer. No need
| for cookies for that info at all.
| tomc1985 wrote:
| Let them analyze their webserver logs then. You don't need a
| cookie to geolocate users via IP
| nicbou wrote:
| But IPs are considered personal data by GDPR
| IanCal wrote:
| You need to be careful with your logs and what you're doing
| with the data, it's not straightforwardly OK to do this.
| Jon_Lowtek wrote:
| Stop overfocusing on cookies and instead remember to add
| this geolocation process, and why you do it, to your
| privacy policy. Please name the geolocation service
| provider (sub-processor) you share the users IP with, so
| your users can audit how their data is used. Please do a
| privacy-assessment to check if your sub-processor does
| anything else with that data, like selling the info "IP
| f.o.o was seen by our customer bar.com" to data brokers.
| Please ask the users for their consent to be geolocated,
| and don't do it for those who say no. And please offer them
| an option to change the geolocation data in case it is
| wrong.
|
| If you decide to hire a sub-processor incorporated in a
| country that does not respect article 8 of the charta of
| fundamental rights of the european union (the right to data
| privacy), you have to ask the user before sharing their
| data (their data meaning "IP f.o.o accessed our service
| bar.com") with the geolocation service. See GDPR article
| 45ff. Please consider using a provider from a country that
| respects the fundamental right to data privacy. Note that
| the "privacy shield" collapsed due to the USAs trend
| towards surveillance capitalism and that the USA is not
| considered a safe harbor for personal data.
|
| There are some exceptions, where you don't need consent:
| you could argue you need to geolocate the users to comply
| with embargos, because your company is american and you are
| not allowed to do business with people living in some
| geographic regions, like crimea. But even if you don't need
| consent you must still disclose that you process your users
| personal data that way, and why, in your privacy policy, so
| your users can decide to not use your service, if they
| don't agree. That may seem to contradict your business
| interest, but that is consumer protection in a nutshell for
| you.
|
| Note that, if you now use this data to show graphs to your
| marketing team and have meetings about improving
| advertisements by targeting regions, you are in violation
| of GDPR article 5, because the purpose you stated
| (embargos) does not match what you actually do (targeted
| marketing). This is a principle americans often find hard
| to grasp: only because you have the data for some reason,
| that doesn't mean you can do whatever you want with it.
| This becomes clearer if you don't think of personal data as
| a thing in possession of those who collect it, but as a
| good that stays in possession of the person it is about and
| gets licensed to those who use it with a bound purpose.
| Consent management and privacy policy then being similar to
| a license agreement.
|
| Now if you ask your users nicely for consent to be
| geolocated, and if you have a sane reason for wanting that
| data, the users may even agree. Just tell them about your
| awesome marketing department and how much they love region
| targeted marketing and if they don't bite, offer them a
| goody and they will agree. Hey they will even be offended
| by mistakes in your providers geo-ip-db and fix those for
| you. Note that this is a part of the right to data privacy:
| if you gather and process about the user the personal data
| that they are from somewhere, they have a right to know
| that and tell you "well no that is a mistake, i am from
| elsewhere". If you never tell them that you geolocate them,
| this is impossible.
|
| The key problem is: most people who want that data (let's
| avoid the word "you" here) likely don't have a sane reason,
| they are just nosy and want to track their users out of
| curiosity. They know their tracking is kinda sus, so they
| don't want to tell the consumers about it, or ask for
| permission, or offer any goodies, and they don't care about
| a small error rate in their big data swamp. Instead they
| hide behind some "everyone does it" defense and act
| surprised if people consider them shady. Or worse, they
| require the data to offer user-unfriendly anti-features
| like content not being available in some regions (which
| actually could be a reason to not ask for consent:
| contracts with third parties like movie corporations
| requiring geolocation as part of online movie
| distribution), but in practice all that does is leading
| consumers to pay third parties to move their traffic around
| the globe, wasting resources to break the anti-feature.
|
| But i digress, the key takeaway is: don't overfocus on
| cookies, state how and why you process personal data and it
| becomes obvious if you should ask for consent. An http-
| server does not need a consent banner to process the http-
| clients IP, it could not answer the clients request without
| it. The client gave it the IP for a very specific reason.
| But that reason and that process does not mean you can take
| the IPs from the servers logs and do with them whatever you
| want. That data does not belong to you, even if you process
| it. So please don't do that without asking for consent, or
| at least explaining why you do it. That is our fundamental
| right as data subjects.
|
| Thank you.
| mgkimsal wrote:
| 20 users from the same IP - should they count as one user
| or 20?
| philistine wrote:
| This whole thing reeks of taking the easy way out and
| dumping the problem on the user. Why can't you analyze
| usage patterns in a controlled environment to identify
| the typical number of page loads?
|
| You end up at a statistical answer like _20 hits to our
| home page equal 6.3 users, statistically speaking_.
| kibwen wrote:
| Why care? Despite all the pearl-clutching, knowing how
| many visitors you have is only marginally useful data at
| best, so it doesn't need to be precise.
| minusf wrote:
| if there are 20 different user agents, i would count that
| as 20 separate users.
| werid wrote:
| i just wish i could tell the browser to auto accept all
| [deleted]
| tgsovlerkhgsel wrote:
| Or better, auto reject all?
| IceWreck wrote:
| Rejecting all cookies would be disastrous. You wouldn't be
| able to log in to any website (unless they use JavaScript
| storage for logging in, which is less secure that cookies)
|
| And btw, you can already disable all cookies for a particular
| website, or all websites in both FF and Chromium. Just click
| the lock https icon > more info and choose the cookie
| setting.
| lucb1e wrote:
| > Rejecting all cookies would be disastrous.
|
| Making the browser not support cookies at all exists, is
| trivial, and has nothing to do with not opting into consent
| walls. Virtually nobody uses such extensions because
|
| > You wouldn't be able to log in to any website
|
| Rather, it's about interacting with these consent walls in
| an automatic manner to block the tracking cookies that
| aren't necessary for the website to function. You know, the
| part that needs _consent_.
|
| But so long as the general public, heck, even techies
| continue to believe that antiquated lawmakers had no idea
| what the heck they were talking about when they made all
| cookies require opt-in (spoiler: that's not what it says),
| I guess we'll continue to accept consent walls because
| there is no critical mass to oppose sites that employ them.
| tgsovlerkhgsel wrote:
| No, auto-reject what the sites let you reject. Because
| surprise surprise, actually necessary cookies like you
| describe don't require consent.
| IceWreck wrote:
| > No, auto-reject what the sites let you reject
|
| That would require sites to implement some kind of yet-
| to-exist browser API telling it which cookies are used
| for tracking and which are not.
|
| And why would any website implement that ? The EU can't
| force websites to implement feature X.
| aaomidi wrote:
| I mean the EU can force websites to do whatever. That
| includes implementing a feature. As we saw with cookie
| consent law and GDPR. And as we're going to see with
| interop requirements for chat apps.
|
| And the DNT header can be used exactly for that.
| rayrag wrote:
| Try "I don't care about cookies" add-on, personally I haven't
| used it yet so I don't know how good it is.
|
| https://addons.mozilla.org/en-US/firefox/addon/i-dont-care-a...
| nicbou wrote:
| It's good but uBlock can do it on its own if you already use
| it.
| rayrag wrote:
| I have uBlock installed but with default settings and
| cookie notifications shows up everywhere. Which settings
| blocks those notifications?
| JelteF wrote:
| The "Annoyances" section of the "Filter lists" tab is
| where you can enable blocking of cookie banners/popups.
| rayrag wrote:
| Thanks :)
| Charlie_26 wrote:
| And does it actually reject them? And is it available on
| the Android app?
| DangitBobby wrote:
| It is available on Android. I don't think they can
| legally track you until you provide consent. They might
| still do it, but I'll take that chance to make the web
| less hostile.
| 14 wrote:
| When will North America get the same luxury? Or do we have to
| trick google into thinking we are in Europe?
| pkaye wrote:
| California has CCPA which seems to be going in a similar
| direction for easy optout.
|
| https://www.jdsupra.com/legalnews/ccpa-regulations-update-
| an....
| bdefore wrote:
| Are there noticeable benefits right now for telling Google you
| live in Europe?
___________________________________________________________________
(page generated 2022-04-24 23:01 UTC) |