(no title)
simpss | 7 months ago
Many "cookie banners" have finally started to work in the EU. Once you deny PII processing many sites don't load GA etc... The time of malicious compliance is starting to pass. Some sites have figured it out and realized they really don't need personalized analytics and have replaced implementations with privacy respecting ones(ex, plausible). This lets them remove the dark-patternish banner and no additional consent is required as all data is pooled together and one persons actions truly can't be singled out.
GDPR obviously has other good effects but as PII processing through cookies is what most people know, I chose that as an example. Email tracking links & pixels are another good example.
There's also a big difference between 2018 and 2025 when discussing GDPR in work contexts and saying that implementing this or that tracking would be illegal.
It's a slow process, but it's working as intended.
jgalt212|7 months ago
simpss|7 months ago
If they get caught lying (and that tends to happen in the end) that's another violation that is taken seriously nowadays.
For example, my e-mail server started picking up messages from DELETEDmyname@mydomain.org. Making it pretty clear a company did not respect my wishes to completely delete all data and user account references. They simply changed my email in the DB.
tremon|7 months ago
The way you phrase this is expressly non-compliant with the GDPR, because what you're describing is an opt-out. To be compliant, websites should only load GA etc after you accept PII processing.
simpss|7 months ago
That's the only mechanism one can use to really be compliant as GA (and other providers) stick identifiers onto the session as soon as the script has been loaded.