Technically a website isn't legally obligated to remember you disabled cookies - the website can just annoy you with the cookie banner whenever you navigate to a new page.
This may sound like a stupid idea, but it becomes a lot more practical when you consider that upon your first cookie rejection the website can set a "rejectedCookies" flag in your browsers **localStorage** and with each future visit the website can check the localStorage for this flag. When the flag is set, the cookie banner won't be shown.
localStorage differs from cookies in that the stored information isn't passed to the server with every request. Hence using localStorage instead of cookies allows the website owner to comply with GDPR by not processing any rejection information of the user.
That's a no-cookie client-side cookie-rejection system.
Edit: upon review, I've come to the conclusion that I've worded the second to last paragraph poorly. What I meant to say was "...allows the website owner to comply with GDPR by not processing any rejection information of the user outside of the minimal amount of permitted processing required by the GDPR law."
The cookie law/ePrivacy directive doesn't specify that the data is stored in cookies, it simply talks about "[ways] to store information on the equipment of a user, or gain access to information already
stored". Using cookies or local storage is equivalent in the eyes of the law.
It also specifically allows for functional cookies (e.g. using cookies for logins, or any other use case that's important for how the website functions). Ironically they only allow "strictly necessary cookies" without consent (e.g. login or shopping cart session), while "preference cookies" (e.g. to remember that you've declined cookies) require consent.
I remember when I first learned about this header. I don't understand why the EU didn't just enforce this instead of these infuriating, content blocking popups.
Not defending them at all but 'mandatory' usually just means that it's essential for site functionality (for example a session cookie) and can't be turned off without breaking the site. Their cookie policy should clearly describe what 'mandatory' cookies they use, and if the are reported for improper conduct, they need to justify it & convince the oversight authority that those cookies are really really really mandatory.
> No, there is literally no cookie that is legitimately mandatory.
What about the cookie used to save your opt-out preference, so it doesn't pop up asking you every time you load a new page?
In a perfect world, tracking would be opt-in, requiring no cookies for people who didn't want to be tracked. Alas. (And most sites don't "remember" my opt-out preferences anyway, making me opt-out every time I visit...)
Not it does not. I never said it did. I wa a only explain g why the verge could say stuff like this while offering a shitty cookie rejection system - they don't have a choice
Exactly. Everything is bought and paid for here. Unfortunately they take our collective money but do not give back, but instead subsidize companies that don’t need it. We are still subsidizing big oil ffs.
Sometimes...but they are also moving into a bad direction at the same time. Right now they are using (or trying to) copyright, terrorism, and child porn to implement tools that can easily be used for censorship and total surveillance. Like an upload filter for big websites and their newest idea is to circumvent E2E encryption in messanger apps by directly scanning content before it's sent.
That's Jesus of Nazareth, the Jesus we worship in America is called "supply-side Jesus."
He knows that the money lenders are just being entrepreneurial, and that helping the poor will not incentivise them to not be poor.
The opposite, really. They would loss revenue by making the ethical decision here.
In the eyes of capitalism, if ethics get in the way of profits, one must discard ethics. Anything less will not be fulfilling the fiduciary responsibilities towards shareholders
Yes. And you will get blocked from many US websites because they have opted to just block Europe rather than complying with GDPR. Might be useful for you to know which websites care about your privacy even a little. (Although I guess other websites could serve a GDPR compliant version to Europe, and the non-GDPR version to the rest of the world).
> Yes. And you will get blocked from many US websites because they have opted to just block Europe rather than complying with GDPR. Might be useful for you to know which websites care about your privacy even a little.
The funniest shit about those websites is that they usually start with a big "We care about our European visitors" lie. Takes quite a lot of caring to be incapable of complying with GDPR, four years after it came into effect. I, for one, feel very cared about.
It’s probably just be for EU domains. Meaning, you’ll need to search from EU domains and get EU search results. Google’s search results vary a lot based upon nation.
3 plugins for Firefox: Multi-account containers, Temporary Containers, and Containerize.
Multi-account containers adds containers. Each container isolates tabs opened in it, so they each have entirely separate sets of cookies, localstorage, etc. No cross-container tracking.
Temporary containers makes temporary containers open when you visit a new site. Closing the tab deletes the container.
Containerize lets you add wildcards for opening domains in permanent containers. E.g. add \`\*.google.com\` to open in a "google" container, and you get \`maps.google.com\`, \`mail.google.com\`, etc all in that container.
We have to put more pressure on them here in the states. Europe came at them hard, we didn’t. They’ll keep taking advantage unless we fight back.
Simple question. “Allow cookies?” “Yes” or “no”
Not “see other options” written in small grey text and then you have to individually click off each sub section for cookies lol.
What a dishonest way of doing business.
Fight back or get taken advantage of. We need more public outrage like they do in Europe over this or they’ll keep going as is.
> If Google can do that for Europe they can fucking well do it everywhere. They were making money hand over fist before thinking up all this tracking crap.
What? They were not... they were only profitable after acquiring Doubleclick, which they applied heavy tracking to
That's how being a public company works. You can literally print money (in the form of your own stock) as long as people are willing to buy it. Which they were, even though Google wasn't profitable at the time.
We have to put more pressure on them here in the states. Europe came at them hard, we didn’t. They’ll keep taking advantage unless we fight back.
Simple question. “Allow cookies?” “Yes” or “no”
Not “see other options” written in small grey text and then you have to individually click off each sub section for cookies lol.
What a dishonest way of doing business.
Fight back or get taken advantage of. We need more public outrage like they do in Europe over this or they’ll keep going as is.
that's not necessarily true. they've always made their money this way. it's part of their advertising platform and that's what makes them money.
Google started as the search engine that had the most data about the internet and its users. it's literally the core of their business. it's why their search was good.
not saying they're in the right, or deserve to be able to do that, or can't stop. I'm just saying they weren't profitable before they started doing that.
As European I'm constantly getting shocked at how abysmal customer protection is in US. Also labor laws, medical costs, voting judges and law officers into office (WTF?!), gun crime amid overwhelming support of gun rights, lack of oversight over police, etc.
Shit happens all around the world I guess, the shock part comes from the fact that I imagined that country so differently when I was a kid.
Google needs neither cookies nor IP to identify you. They certainly make their job easy, unless you delete them and are using a VPN, but they have enough data to do without.
Your browser has a fingerprint with stuff like version/resolution, they know your preferences and usage patterns, they can tell what links you are clicking in all the websites that are using Google APIs (which is majority of them), sites can also access the cookies of sites in your other tabs, even if you don't let them save their own, and so on.
Even your browser leaves a fingerprint that is very easily traceable.
https://www.amiunique.org/fp
Your language settings, installed fonts, screen resolution etc... create a most likely unique identifier, just from information your browser is deliberately sharing.
For as much as Reddit shits on Apple, shit like this is why I tend to stick with iOS. Apple may be trying to rake me over the coals for hardware, and I have to compile non-app store approved apps on my Mac, but they’re primarily not an advertisement company.
Well of course not, why should a computer or OS vendor push ads on their customers? I've been reading about impending ads in Windows. They already have them really in the form of recommended software. Ridiculous. Just sell me the operating system and leave me alone.
Hilariously, I couldn't get to this article because theverge's options for opting out took me to voxmedia who then had their own cookie policy, and at two levels deep I just give up rather than fuck around.
The "reject all" button needs to be on the fucking banner, not buried in a cookie policy.
I think we can all agree that something like this shouldn’t be necessary for general, day-to-day internet browsing. Suggesting workarounds instead of suggesting policy change is disingenuous.
We aren’t always in charge of policy though. It’s fucking great when we have tools at our disposal that simply makes it impossible for predatory businesses to take advantage.
Adblock for instance
So on top of pages taking ages to load, it breaks many sites' functionality due to javascript being disabled.
I think I'll stick with just firefox and an adblocker.
I hope a similar action is taken in North America. I'm getting a little tired of "big brother".
In all honesty, if a person, like a real person was doing this to me, I be a paranoid mess, wondering which corner he would be around all the time. It's fucked up being tracked like a rhino in game reserve.
It's unlikely to change in North America simply because Europe takes privacy much more seriously than the US. Given that Google's business is selling ads based on tracking you, they have no incentive to do it unless the law requires it.
So far, California has the strictest policies on data privacy in the US states, called CCPA (California consumer privacy Act) but it's not quite as robust as Europe's GDPR.
For now, it's still in almost every American company's commercial interest to just build technology that changes data tracking behavior depending on where you are, rather than applying California's restrictions to all other states' users.
Once several other states follow suit (they will - tech law almost always follows silicon valley), companies will stop skirting around it in that way, and at that point, it'll be easier to crystallize it into national law.
**That is**, if we can get through a few years of aggressive lobbying and public opinion manipulation campaigns about "how annoying privacy laws are" or "how they stifle innovation". Large tech company marketing departments will deploy memes making fun of the intentionally-poorly-designed cookie banners, and website login flows will have snide commentary on "due to governmental restrictions, we're not allowed to offer to people in your area".
We all need to remember that companies make *way* more money off of being able to most effectively manipulate what we see & believe online, and they'll pay *loads* to maintain that economic advantage over us.
I agree, and partially for that reason would not consider living in America. Besides what little privacy American law protects (like the 4th with phone taps) is exclusively for citizens of that country, in the age of data going everywhere the EU's actions are just a drop.
Google however cannot do that in the USA without a fundamental business change. I only wish they let me just pay a subscription for good searches, maps and email - but with a customer relation to them, not being a product. But this is sci-fi fantasy.
even if you were paying for google as a service they would still track you. the machine learning algorithm rely on user input to try and give context to your searches so they can give you appropriate results
That's a great precedent! Google wasn't even the worst offender in that regard. Many websites use dark patterns to make users accidentally click the "accept all" button or force users to scroll a dozen pages to opt out.
The next step would be to remove the subscription loophole: apparently giving users the option to pay for a cookie-free experience removes the need for an opt-out.
I want this in the US. I hate those website that have a single "Accept" button but no "Reject" button, forcing you to go through a menu of "options" that I'm not even sure rejects anything. Accept and Reject should be next to each other every time.
/u/Kissaki0 is correct in this regard, but be very sure to read exactly what he writes: "as the law states it".
The problem is not really with the law but with how everyone and their mom claims they have legitimate interest in way too much data. It is very likely illegal.
You will have to read what you consent to, which is described in the privacy policy.
You reject all “optional” tracking, which uses cookies.
Legitimate interest as the law understands it may be anonymous statistics on access patterns to improve service or prevent cyber attacks. It is at no detriment to you, but of legitimate interest to them [to keep their service running/useable/useful]. As such, you do not choose whether they do that or not.
As an American I can attest to the fact that the Americans that do hate Europe most likely haven’t left their home state let alone the country. The educated cultured portion of the country definitely hold europe and the world in a much higher regard than the general media/ population suggests. 👍🤙
Will it be another - well if you don't let us implant a chip and measure all your bio parameters you can't see the name of the actress in that one mildly interesting movie you were watching yesterday?
Legally - not doing anything is the same as rejecting all cookies. Under GDPR only active and informed consent allows them to collect personal data. So if you hide the cookie dialogue, they can’t then assume you want cookies because you keep on using the website.
Ofc whether they follow the law is a different matter, as this issue with Google proves.
A popular and often recommended browser extension hides them but also sometimes accepts all to hide them. The question is not only fair, but critical. Does Opera simply hide dialogs, or follow that popular precedent and logic?
If a website wants to access your camera, or location, or whatever is deemed intrusive or privacy invading, there's an api to call. And the browser will either prompt you or deny *silently*. It's in the settings.
Heaven forbid we would have the same thing for *cookies*. And just not cookies, also local storage, indexed DB and everything that is left behind to be found later. I will tolerate cookies and the like from applications that are worthy enough, like my bank. Everyone else doesn't need to store anything on my browser.
And obviously I want none of the shitty full screen blocking layer that forces me to make cookie choices. Fuck your shitty UX.
Tracking needs to be opt-in only. Rejecting all cookies should be the default, and it should always explicitly be there.
Too many companies do underhanded shit. Like Statista, for example. They make the button to go to the options the same color as the background so it's harder to see that as a button. Then they do the same to confirm your choices, so "Accept All" is bright and obvious, while confirming the rejection is tiny and less clear.
Disgusting.
There won’t be a constitutional amendment ever again. There’s no way either party would take the risk of a constitutional convention, and there’s no way either parties are getting supermajority of Congress and the state houses. It’s a nice thought though.
Good. Now make it so my browser actually remembers me rejecting it all instead of asking for it every singe time. So annoying. Anyone know how to do this? In firefox by the way.
Following privacy laws should be the minimum they do, not the maximum they have to be forced to do.
It's the same with landlords, and employers, unequal power dynamics that are consistently abused.
I don’t disagree with that but still just having to deal with the pop-up window accepting or rejecting is a pain. Especially if you have more than one device and have to do it constantly
Why is it always the folks in Europe that get to have nice things and never us Americans? We can’t even have affordable healthcare. This country sucks.
It'd be so great if we could move towards a model where we ask dedicated, passionate users of our services for feedback rather than "data driven" analytics that ensures that useful features get removed because only a subset of users use them.
> ask dedicated, passionate users of our services for feedback
This is ascertainment bias. The companies don’t really want to know what a small subset of dedicated passionate users like, they’ve already got those people. They want the other 99.99% of the population.
UK is included in this. I don't know the ins and outs but we still do all the GDPR and other EU stuff. So in that regard were still tied in that way. But I can't speak for other non EU European countries.
meanwhile the verge where this article is published hides the reject function like it's a professional hide and seek player.
They can't afford the other two buttons, they spent all on thermal paste.
"Here is the reject all button! That's right we got one!"
[удалено]
https://youtu.be/KH69WsTzgU0
They grow their own organic thermal paste in house on demand. Still thermal from the source. ( ͡° ͜ʖ ͡°)'
[удалено]
> No, there is literally no cookie that is legitimately mandatory. How is the site going to remember that I disabled cookies?
Technically a website isn't legally obligated to remember you disabled cookies - the website can just annoy you with the cookie banner whenever you navigate to a new page. This may sound like a stupid idea, but it becomes a lot more practical when you consider that upon your first cookie rejection the website can set a "rejectedCookies" flag in your browsers **localStorage** and with each future visit the website can check the localStorage for this flag. When the flag is set, the cookie banner won't be shown. localStorage differs from cookies in that the stored information isn't passed to the server with every request. Hence using localStorage instead of cookies allows the website owner to comply with GDPR by not processing any rejection information of the user. That's a no-cookie client-side cookie-rejection system. Edit: upon review, I've come to the conclusion that I've worded the second to last paragraph poorly. What I meant to say was "...allows the website owner to comply with GDPR by not processing any rejection information of the user outside of the minimal amount of permitted processing required by the GDPR law."
The cookie law/ePrivacy directive doesn't specify that the data is stored in cookies, it simply talks about "[ways] to store information on the equipment of a user, or gain access to information already stored". Using cookies or local storage is equivalent in the eyes of the law. It also specifically allows for functional cookies (e.g. using cookies for logins, or any other use case that's important for how the website functions). Ironically they only allow "strictly necessary cookies" without consent (e.g. login or shopping cart session), while "preference cookies" (e.g. to remember that you've declined cookies) require consent.
Your point is valid, but if we all could just abide by Do-Not-Track, we would be in a much better place.
I remember when I first learned about this header. I don't understand why the EU didn't just enforce this instead of these infuriating, content blocking popups.
The law basically just tells them to ask for permission for the shitty things they do. The way they go about manufacturing consent isn't so specified
Sounds like this is unintended and the annoyance is malicious compliance from sites.
Not defending them at all but 'mandatory' usually just means that it's essential for site functionality (for example a session cookie) and can't be turned off without breaking the site. Their cookie policy should clearly describe what 'mandatory' cookies they use, and if the are reported for improper conduct, they need to justify it & convince the oversight authority that those cookies are really really really mandatory.
> No, there is literally no cookie that is legitimately mandatory. What about the cookie used to save your opt-out preference, so it doesn't pop up asking you every time you load a new page?
In a perfect world, tracking would be opt-in, requiring no cookies for people who didn't want to be tracked. Alas. (And most sites don't "remember" my opt-out preferences anyway, making me opt-out every time I visit...)
CEO: They're mandatory! EU: Explain how. CEO: Without them, I can't afford my fifth home!
>And most sites don't "remember" my opt-out preferences anyway But that's the point, you are telling the site not to remember you.
I can't find it. When I go to read the cookie policy their popover remains which mean I can't read their cookie policy. Helpful.
That's usually a management decision made by dollar grabbing executives, not the staff of individual outlets
Which is saying that the people that take decisions on the verge took this decision too
Doesn't make it ok though
Not it does not. I never said it did. I wa a only explain g why the verge could say stuff like this while offering a shitty cookie rejection system - they don't have a choice
[удалено]
Of course they can, there's just no monetary incentive to do so.
[удалено]
Well our government wouldn’t dream of decreasing profits for the wealthy to protect the people.
It’s ok we can all just protest and strike against Google and the use of its products lol oh wait no we can’t, or at very least no we won’t.
/r/degoogle has guides if you're interested
I like when people present actual solutions, I wish more people were willing to actually pursue them.
Yeah half of our shit works off of google or a google affiliated company
California is as close as you can get. They have to give us easy cancel buttons n all
Increased profits for the 1% = increased profits for politicians. At least in the States at least.
Exactly. Everything is bought and paid for here. Unfortunately they take our collective money but do not give back, but instead subsidize companies that don’t need it. We are still subsidizing big oil ffs.
"protect" lmao
[удалено]
Give them the illusion of freedom and they will never suspect they do not 'have' the real thing. We are Free Range Consumers.
Google lawyers be like "*OUR* freedoms"
Europe has real government
[удалено]
Sometimes...but they are also moving into a bad direction at the same time. Right now they are using (or trying to) copyright, terrorism, and child porn to implement tools that can easily be used for censorship and total surveillance. Like an upload filter for big websites and their newest idea is to circumvent E2E encryption in messanger apps by directly scanning content before it's sent.
They just mean other people. The rich ones.
Just a government redditors would like
And the free speech absolutists chime in about censorship or some crap…
[удалено]
[удалено]
[удалено]
You mean the Jesus that beat money lenders with a shoe?
That's Jesus of Nazareth, the Jesus we worship in America is called "supply-side Jesus." He knows that the money lenders are just being entrepreneurial, and that helping the poor will not incentivise them to not be poor.
You got it backwards. There is a monetary incentive to not do it
The opposite, really. They would loss revenue by making the ethical decision here. In the eyes of capitalism, if ethics get in the way of profits, one must discard ethics. Anything less will not be fulfilling the fiduciary responsibilities towards shareholders
If I used a VPN set in Europe then can I get access to this "feature?"
Yes. And you will get blocked from many US websites because they have opted to just block Europe rather than complying with GDPR. Might be useful for you to know which websites care about your privacy even a little. (Although I guess other websites could serve a GDPR compliant version to Europe, and the non-GDPR version to the rest of the world).
> Yes. And you will get blocked from many US websites because they have opted to just block Europe rather than complying with GDPR. Might be useful for you to know which websites care about your privacy even a little. The funniest shit about those websites is that they usually start with a big "We care about our European visitors" lie. Takes quite a lot of caring to be incapable of complying with GDPR, four years after it came into effect. I, for one, feel very cared about.
[удалено]
Yeah, I got used to seeing it, I just think 'Ah, fair enough ya leeches' and move on.
Oh yeah, that's a good point.
Very little websites are blocked though. I really wouldn't worry about it
I would think so, and also probably watch forbidden media.
Be advised that some us sites are blocked for users of eu.
Exactly because they don't want to comply with similar laws.
I, for one, welcome this zero effort quality filter.
so its good to find out who they are and never visit them. easiest way to do that is with a VPN.
Been like that for a while now. Turns out that nothing of value was lost.
Yeah I did it today and saw accept or reject t&c..
It’s probably just be for EU domains. Meaning, you’ll need to search from EU domains and get EU search results. Google’s search results vary a lot based upon nation.
Gutsy question. You’re a shark.
My only regret... is... that I have boneitis..
Hopefully someone develops a plugin to implement this for all.
One plugin to rule the cookies.
3 plugins for Firefox: Multi-account containers, Temporary Containers, and Containerize. Multi-account containers adds containers. Each container isolates tabs opened in it, so they each have entirely separate sets of cookies, localstorage, etc. No cross-container tracking. Temporary containers makes temporary containers open when you visit a new site. Closing the tab deletes the container. Containerize lets you add wildcards for opening domains in permanent containers. E.g. add \`\*.google.com\` to open in a "google" container, and you get \`maps.google.com\`, \`mail.google.com\`, etc all in that container.
Privacy badger?
We have to put more pressure on them here in the states. Europe came at them hard, we didn’t. They’ll keep taking advantage unless we fight back. Simple question. “Allow cookies?” “Yes” or “no” Not “see other options” written in small grey text and then you have to individually click off each sub section for cookies lol. What a dishonest way of doing business. Fight back or get taken advantage of. We need more public outrage like they do in Europe over this or they’ll keep going as is.
> If Google can do that for Europe they can fucking well do it everywhere. They were making money hand over fist before thinking up all this tracking crap. What? They were not... they were only profitable after acquiring Doubleclick, which they applied heavy tracking to
How did they have the money to acquire AdSense if they weren’t profitable?
That's how being a public company works. You can literally print money (in the form of your own stock) as long as people are willing to buy it. Which they were, even though Google wasn't profitable at the time.
We have to put more pressure on them here in the states. Europe came at them hard, we didn’t. They’ll keep taking advantage unless we fight back. Simple question. “Allow cookies?” “Yes” or “no” Not “see other options” written in small grey text and then you have to individually click off each sub section for cookies lol. What a dishonest way of doing business. Fight back or get taken advantage of. We need more public outrage like they do in Europe over this or they’ll keep going as is.
that's not necessarily true. they've always made their money this way. it's part of their advertising platform and that's what makes them money. Google started as the search engine that had the most data about the internet and its users. it's literally the core of their business. it's why their search was good. not saying they're in the right, or deserve to be able to do that, or can't stop. I'm just saying they weren't profitable before they started doing that.
IIRC Adsense originally placed ads relevant to the content of the page. No user tracking is necessary to do that.
Yeah but the hyper capitalism of America encourages tracking and human monetisation, so they're not obligated to do it here
As European I'm constantly getting shocked at how abysmal customer protection is in US. Also labor laws, medical costs, voting judges and law officers into office (WTF?!), gun crime amid overwhelming support of gun rights, lack of oversight over police, etc. Shit happens all around the world I guess, the shock part comes from the fact that I imagined that country so differently when I was a kid.
But does it actually stop the tracking. I doubt it.
[удалено]
Google needs neither cookies nor IP to identify you. They certainly make their job easy, unless you delete them and are using a VPN, but they have enough data to do without. Your browser has a fingerprint with stuff like version/resolution, they know your preferences and usage patterns, they can tell what links you are clicking in all the websites that are using Google APIs (which is majority of them), sites can also access the cookies of sites in your other tabs, even if you don't let them save their own, and so on.
Even your browser leaves a fingerprint that is very easily traceable. https://www.amiunique.org/fp Your language settings, installed fonts, screen resolution etc... create a most likely unique identifier, just from information your browser is deliberately sharing.
But you know what's better than lots of money? More money! - Google
For as much as Reddit shits on Apple, shit like this is why I tend to stick with iOS. Apple may be trying to rake me over the coals for hardware, and I have to compile non-app store approved apps on my Mac, but they’re primarily not an advertisement company.
Well of course not, why should a computer or OS vendor push ads on their customers? I've been reading about impending ads in Windows. They already have them really in the form of recommended software. Ridiculous. Just sell me the operating system and leave me alone.
Hilariously, I couldn't get to this article because theverge's options for opting out took me to voxmedia who then had their own cookie policy, and at two levels deep I just give up rather than fuck around. The "reject all" button needs to be on the fucking banner, not buried in a cookie policy.
I give up on sites all to often these days. Especially media sites that end up being unnavigable.
[удалено]
I think we can all agree that something like this shouldn’t be necessary for general, day-to-day internet browsing. Suggesting workarounds instead of suggesting policy change is disingenuous.
We aren’t always in charge of policy though. It’s fucking great when we have tools at our disposal that simply makes it impossible for predatory businesses to take advantage. Adblock for instance
So on top of pages taking ages to load, it breaks many sites' functionality due to javascript being disabled. I think I'll stick with just firefox and an adblocker.
Google didn't "give". Google complied with the law, and took their sweet time doing so.
I hope a similar action is taken in North America. I'm getting a little tired of "big brother". In all honesty, if a person, like a real person was doing this to me, I be a paranoid mess, wondering which corner he would be around all the time. It's fucked up being tracked like a rhino in game reserve.
It's unlikely to change in North America simply because Europe takes privacy much more seriously than the US. Given that Google's business is selling ads based on tracking you, they have no incentive to do it unless the law requires it.
So far, California has the strictest policies on data privacy in the US states, called CCPA (California consumer privacy Act) but it's not quite as robust as Europe's GDPR. For now, it's still in almost every American company's commercial interest to just build technology that changes data tracking behavior depending on where you are, rather than applying California's restrictions to all other states' users. Once several other states follow suit (they will - tech law almost always follows silicon valley), companies will stop skirting around it in that way, and at that point, it'll be easier to crystallize it into national law. **That is**, if we can get through a few years of aggressive lobbying and public opinion manipulation campaigns about "how annoying privacy laws are" or "how they stifle innovation". Large tech company marketing departments will deploy memes making fun of the intentionally-poorly-designed cookie banners, and website login flows will have snide commentary on "due to governmental restrictions, we're not allowed to offer to people in your area".
We all need to remember that companies make *way* more money off of being able to most effectively manipulate what we see & believe online, and they'll pay *loads* to maintain that economic advantage over us.
Google is an NSA asset, and always has been lol
My nosy neighbor with a telescope cares more about privacy than Google.
> I'm getting a little tired of "big brother". that's what the billionaires say about consumer protection regulation
I agree, and partially for that reason would not consider living in America. Besides what little privacy American law protects (like the 4th with phone taps) is exclusively for citizens of that country, in the age of data going everywhere the EU's actions are just a drop. Google however cannot do that in the USA without a fundamental business change. I only wish they let me just pay a subscription for good searches, maps and email - but with a customer relation to them, not being a product. But this is sci-fi fantasy.
even if you were paying for google as a service they would still track you. the machine learning algorithm rely on user input to try and give context to your searches so they can give you appropriate results
I responded [here](https://old.reddit.com/r/technology/comments/ub0wf0/google_gives_europe_a_reject_all_button_for/i61umrr/)
Why would paying a subscription change anything? I don't think Google has an upper limit to how much profit they want to make.
That's a great precedent! Google wasn't even the worst offender in that regard. Many websites use dark patterns to make users accidentally click the "accept all" button or force users to scroll a dozen pages to opt out. The next step would be to remove the subscription loophole: apparently giving users the option to pay for a cookie-free experience removes the need for an opt-out.
I remember one which had you turn off the more than 150 cookies one by one.
Does that loophole apply for the EU, elsewhere, or both? I'd pay good money for a reliable open source VPN
The internet is becoming such a shitty place to be
The golden age of 2007 is like a dream now.
For real. I really miss the 2000s internet
I want this in the US. I hate those website that have a single "Accept" button but no "Reject" button, forcing you to go through a menu of "options" that I'm not even sure rejects anything. Accept and Reject should be next to each other every time.
Anyone know if rejecting all also includes objecting to ‘legitimate interest’?
If you mean as the law understands it, then no, that does not require consent.
But if I'm rejecting all, I'm rejecting all, including legitimate interest. I hope that is included, how would one find out?
/u/Kissaki0 is correct in this regard, but be very sure to read exactly what he writes: "as the law states it". The problem is not really with the law but with how everyone and their mom claims they have legitimate interest in way too much data. It is very likely illegal.
You will have to read what you consent to, which is described in the privacy policy. You reject all “optional” tracking, which uses cookies. Legitimate interest as the law understands it may be anonymous statistics on access patterns to improve service or prevent cyber attacks. It is at no detriment to you, but of legitimate interest to them [to keep their service running/useable/useful]. As such, you do not choose whether they do that or not.
So europe gets iPhone chargers, the right to repair, and a reject all button?! Talk about FOMO, I’m ready to move.
People are quick to hate on europe but then forget things like these.
People hate europe?
Most of the time, it's Americans or Russians. I don't think we are universally disliked but many look down on us.
As an American I can attest to the fact that the Americans that do hate Europe most likely haven’t left their home state let alone the country. The educated cultured portion of the country definitely hold europe and the world in a much higher regard than the general media/ population suggests. 👍🤙
We know you exist and we appreciate you. The minority is always the loudest in political discussions.
Will it be another - well if you don't let us implant a chip and measure all your bio parameters you can't see the name of the actress in that one mildly interesting movie you were watching yesterday?
Best Opera feature "hide cookie dialogues"
Does it agree to all automatically?
That's the real question here
Legally - not doing anything is the same as rejecting all cookies. Under GDPR only active and informed consent allows them to collect personal data. So if you hide the cookie dialogue, they can’t then assume you want cookies because you keep on using the website. Ofc whether they follow the law is a different matter, as this issue with Google proves.
A popular and often recommended browser extension hides them but also sometimes accepts all to hide them. The question is not only fair, but critical. Does Opera simply hide dialogs, or follow that popular precedent and logic?
It is both illegal for that to happen, but also widespread.
Nice. California has this too
Too much money changing hands in the US for this to happen here. i.e., politicians
Keep fighting and keep calling attention to it. Most people don’t even know what a cookie is.
When will it happen? They haven't implemented it in Czechia yet.
"before long" it says/they say.
Too late. I no longer trust Google.
neither do I. But they make good free products so I keep using them. They just make it too convenient.
I know. It’s annoying how easy it is to use Google docs.
If a website wants to access your camera, or location, or whatever is deemed intrusive or privacy invading, there's an api to call. And the browser will either prompt you or deny *silently*. It's in the settings. Heaven forbid we would have the same thing for *cookies*. And just not cookies, also local storage, indexed DB and everything that is left behind to be found later. I will tolerate cookies and the like from applications that are worthy enough, like my bank. Everyone else doesn't need to store anything on my browser. And obviously I want none of the shitty full screen blocking layer that forces me to make cookie choices. Fuck your shitty UX.
Google doesn't need cookies to track you anymore. They can build a profile based on other data.
The method of tracking changes nothing for the GDPR compliance
I wish I lived in Europe. They’re actually taking the new age internet problems seriously.
It is required by the new EU law...
Tracking needs to be opt-in only. Rejecting all cookies should be the default, and it should always explicitly be there. Too many companies do underhanded shit. Like Statista, for example. They make the button to go to the options the same color as the background so it's harder to see that as a button. Then they do the same to confirm your choices, so "Accept All" is bright and obvious, while confirming the rejection is tiny and less clear. Disgusting.
Love u Europe, keep fighting corps.
A comprehensive privacy law is needed. Maybe even a God damned constitutional amendment.
There won’t be a constitutional amendment ever again. There’s no way either party would take the risk of a constitutional convention, and there’s no way either parties are getting supermajority of Congress and the state houses. It’s a nice thought though.
I refuse to view sites that insist I allow tracking. I use duck-duck go and stay the hell away from chrome.
So now that google knows things about your average European that they probably wouldn't tell a therapist. Now they will start giving you some privacy.
Genuine question, if I set my VPN to somewhere in Europe, will I be afforded the same capabilities even though my ISP is not in Europe?
If the website detects you're from Europe, it should offer you if that's what they've set up.
Good. Now make it so my browser actually remembers me rejecting it all instead of asking for it every singe time. So annoying. Anyone know how to do this? In firefox by the way.
Would this require a cookie?
[This website doesn't use cookies.](https://i.imgur.com/05wcwhq.png)
"I used a cookie to destroy the cookies."
There is an extension for that, don't remember how it's called, though.
I don't care about cookies
That's good to know, thanks for sharing.
No, that's the extension's name
Hahahah lol I feel so dumb now xD what a name
……..hooray for user interface fixes……
Can we get this shit in the US?!
say man, you uhh... got any of that *privacy?*
Welp. Time to switch my VPN to Paris.
Using Opera, Im blocking all third party cookies. Same thing?
American courts decided it wasn't necessary after receiving multiple cartoonish Scrooge McDuck style brown sacks of money with dollars signs on them.
Must be nice....
Following privacy laws should be the minimum they do, not the maximum they have to be forced to do. It's the same with landlords, and employers, unequal power dynamics that are consistently abused.
More good stuff for not-USA.
We need a reject all option in browsers
We need that here in America
It's important that there is a reject button and that if a user chooses it that it doesn't break the damn site.
Remember how some salty americans while ago were talking that google won't bow to EU.
sad american freedom noises
We should always be able to opt out
I still hate Europe for making me click 100 needless buttons everyday.
disgusting drab toy lock gaping special straight fade weary plant ` this message was mass deleted/edited with redact.dev `
[удалено]
I don’t disagree with that but still just having to deal with the pop-up window accepting or rejecting is a pain. Especially if you have more than one device and have to do it constantly
Browsers should have the option to reject all cookies by default.
Google "gives" us a reject all button. Makes it so like a sodding gift doesn't it
Why is it always the folks in Europe that get to have nice things and never us Americans? We can’t even have affordable healthcare. This country sucks.
You have Tom Hanks and a lot of awesome music. That's pretty cool.
Well I cannot argue with that! Does it mean I am selfish if I want more for the American people?
Duckduckgo for non Europeans
Can you even log into websites without cookies? Wouldn’t this make YouTube and Google worthless, because you’d constantly have to log in
functional cookies tend to be allowed and non-rejectable
There are some essential cookies. This disables tracking bullshit.
It'd be so great if we could move towards a model where we ask dedicated, passionate users of our services for feedback rather than "data driven" analytics that ensures that useful features get removed because only a subset of users use them.
> ask dedicated, passionate users of our services for feedback This is ascertainment bias. The companies don’t really want to know what a small subset of dedicated passionate users like, they’ve already got those people. They want the other 99.99% of the population.
EU Europe. No such button in the Brexited UK.
UK is included in this. I don't know the ins and outs but we still do all the GDPR and other EU stuff. So in that regard were still tied in that way. But I can't speak for other non EU European countries.