top | item 34098137

(no title)

simpss | 3 years ago

Not coming from the ePrivacy directive. It comes from GDPR and consent basis.

GDPR Article 7, 3, conditions for consent.

> It shall be as easy to withdraw as to give consent.

https://gdpr-info.eu/art-7-gdpr/

discuss

jefftk|3 years ago

See my response to Macha above: https://news.ycombinator.com/item?id=34097918

flipbrad|3 years ago

Withdrawal is not the same thing as refusal.

unity1001|3 years ago

When the permission is withdrawn, the other party cannot collect more data. And the existing data that they collected would need to be deleted if the user asks them to. If the withdrawal of permission also involves permissions regarding data storage and processing, it would mean that the company would need to destroy any personal data that they have.

elygre|3 years ago

If withdrawing is meant to be “undo consent”, how would you make that as easy as the initial “one click to consent”? Would you not have to show a banner on every page view, with a one click option to “withdraw”?

esperent|3 years ago

I assume "withdrawal" is the legal term used for clicking "no" on a cookie banner.

In which case yes, it is the same as refusal in the context of the law being discussed.