I'm in this picture and I don't like it.

@codinghorror The EU did not force cookie notifications. Site operators decided that it was easier to make everyone click through notifications instead of only using the data they legitimately needed.

@codinghorror how is stack exchange at all involved??

@codinghorror That's a myth perpetrated by adtech industry. There is no EU obligation to spam cookie notices. There's an obligation not to track without explicit consent, and everyone illegally uses the cookie nag popups as a basis for claiming consent (which it's not). A legitimate, non malicious site has no need for cookie nags. Ever.

@codinghorror

I'm sorry I usually really like your takes but this one is just not true: the only thing the EU Cookie Law requires is consent for cookies that are not technically necessary, so mostly tracking features in our current internet, which are extremely privacy-intrusive. Useful features such as login, shopping cart, settings etc. -- none of that requires any cookie banner. So websites making use of cookie banners only do that because they don't want to respect their users' privacy

@luap42 ok BUT AT THE BROWSER LEVEL FOR THE LOVE OF GOD

@dalias not true. It is a LEGAL REQUIREMENT. Or you will be sued. By lawyers. And money.

@javier every website on the world is involved

@codinghorror No, if you are not tracking you have not broken any law and you will not be sued.

@codinghorror
Or you could, you know, not track people. Silly, I know.

@dalias @codinghorror in analogy:
EU made it illegal to “sucker punch people” ie collect personal data without consent. That’s not the same as legit personal data collection eg an online shop needs your delivery address to mail your order you just made to you.

Cookie banners are basically giving someone a quick “sorry” after punching them - it’s a loophole that shouldn’t exist. No sorry needed if you don’t punch anyone.

@codinghorror @luap42 the donottrack header is exactly that at the browser level; if it's set no need to ask the user about consent they're explicitly denying. For non-tracking, i.e., technically necessary (auth,user settings) cookies, that banner is not necessary

the browser setting exists, it's not honored by website operators, which choose to show banners instead, and is being torpedoed by google, who is earth's dominant ad network and browser supplier.

the EU (in that case) isn't at fault.

@codinghorror it not being a browser feature is part of the dark pattern, i think. Data brokers and google would loose their business modell if this would be a browser feature and everyone selected to not agree. (Why would anyone ever select otherwise?)

@codinghorror @Viss the EU reacted to behavior by tech companies. If the tech companies hadn’t have had this behavior, the EU wouldn’t have done this.

@codinghorror The EU just said that sites had to get consent for certain things. It's the websites who decided to comply in the most annoying way possible.

@codinghorror That would be some of the propaganda you are not immune to.

@codinghorror @javier Websites that don't use cookies are not involved. Neither are websites that only use cookies that are _required_ for the website to function, e.g. session tokens.

It's only when you'd like to use cookies to track users and deliver personalized ads that you have to deal with this stuff.

It's a choice.

Most websites simply don't choose the privacy-friendly option.

@codinghorror

True, but my point remains. This shitty experience we're collectively having here this isn't "the EU forcing cookie notification on people", it's "the malicious compliance of companies that profit from user tracking."

Every company that shows you an cookie popup has made the choice to put a few fractions of pennies of possible future profit ahead of your experience.

https://gdpr.eu/cookies/

@codinghorror @dalias German here: the gist of GDPR is: people must know when someone collects personal data.

You can perfectly live without a cookie banner if you don't set one for arbitrary visitors. That was the intended result. But reality instead invented this UX nightmare, because we can't have nice things.

For me it just shows how fucked up today's web actually is.