top | item 42862751

(no title)

I am not surprised. A lot of people conflate GDPR with the well-intentioned but misdirected cookie directive.

A lot of people blame the EU for “forcing cookie banners onto the web”, while the GDPR solely demands that you ask for consent before storing data that’s outside of your core functional needs to operate the app/website.

The UX of those dialogs is largely a dark pattern because the law did not demand implementation details, yet people blame GDPR because businesses designed them to be a nightmare to use. Yet people applaud for App Tracking Transparency dialogs.

It’s ironic how the GDPR is painted as a villain.

discuss

Propelloni|1 year ago

> The UX of those dialogs is largely a dark pattern because the law did not demand implementation details, yet people blame GDPR because businesses designed them to be a nightmare to use. Yet people applaud for App Tracking Transparency dialogs.

True, it does not mandate specific implementation details but in Recital 32 of the GDPR [1], it demands "request[s] must be clear, concise and not unnecessarily disruptive to the use of the service [...]" which is mostly not given with dark pattern implementations.

[1] https://gdpr.eu/Recital-32-Conditions-for-consent/

Zanfa|1 year ago

> The UX of those dialogs is largely a dark pattern because the law did not demand implementation details, yet people blame GDPR because businesses designed them to be a nightmare to use.

IMO the law was clear enough as highlighted in the sibling comment. It is poor enforcement that's been a major issue. If a company registered in country A flouts GPDR, even in country B, there's nothing country B can do, other than delegate to country A's data protection / privacy authority. If country A then drags their feet and takes no action, we arrive at the current situation.