top | item 45981161

(no title)

the issue was never the law.

the issue were the 100s of tracking cookies and that websites would use dark patterns or simply not offer a "no to all" button at all (which is against the law, btw.)

Most websites do. not. need. cookies.

It's all about tracking and surveillance to show you different prices on airbnb and booking.com to maximise their profits.

https://noyb.eu/en/project/cookie-banners (edit: link)

discuss

layer8|3 months ago

The issue is the lack of enforcement of the law. And instead of strengthening the enforcement, they are diluting the law now.

rebolek|3 months ago

I think that most websites need cookies. I have a website with short stories. It lets you set font size and dark/bright theme, nothing special. Do I want to store your settings on server? No, why should I waste my resources? Just store it in your browser! Cookies are perfect for that. Do I know your settings? No, I don't, I don't care. I set a cookie, JS reads it and changes something on client. No tracking at all. Cookies are perfect for that. People just abuse them like everything else, that's the problem, not cookies.

And BTW because I don't care about your cookies, I don't need to bother you with cookie banner. It's that easy.

Also, if I would implement user management for whatever reason, I would NOT NEED to show the banner also. ONLY if I shared the info with third side. The rules are simple yet the ways people bend them are very creative.

int_19h|3 months ago

A cookie is something that is sent to the server, by design - that's their whole point! So if the only part of your code that needs them lives on the client, cookies are the wrong mechanism for that - use localStorage instead.

graemep|3 months ago

> lets you set font size and dark/bright theme,

You do not need cookies for either of these. CSS can follow browser preferences, and browsers can change font sizes with zoom.

I am not sure these cookies are covered by the regulations. No personal so not covered by GDPR. They might be covered by the ePrivacy directive (the "cookie law").

unknown|3 months ago

[deleted]

nightpool|3 months ago

Unfortunately, because these types of preferences (font size, dark/light mode theme) are "non-essential", you are required to inform users about them using a cookie banner, per EU ePrivacy directive (the one that predates the GDPR). So if you don't use a cookie banner in this case, you are not in compliance.

zrn900|3 months ago

> Most websites do. not. need. cookies.

All websites need cookies, at least for functionality and for analytics. We aren't living in the mid-1990s when websites were being operated for free by university departments or major megacorps in a closed system. The cookie law screwed all the small businesses and individuals who needed to be able to earn money to run their websites. It crippled everyone but big megacorps, who just pay the fines and go ahead with violating everyone's privacy.

gregopet|3 months ago

Functional cookies are fine. Even analytics is fine if you're using your own (though said own analytics must also company with GDPR personal data retention rules).

What is not fine is giving away your users' personal data to pay for your analytics bill.

rpastuszak|3 months ago

I'm not sure why this is being downvoted?

zdragnar|3 months ago

The premise is that the intent of the law was good, so everyone should naturally change their behavior to obey the spirit of the law.

That isn't how people work. The law was poorly written and even more poorly enforced. Attempts at "compliance" made the web browsing experience worse.

weberer|3 months ago

Because the issue is due to a failure in the law. The failure of not enforcing the "do not track" setting from browsers that would avoid the need for these annoying pop-ups in the first place.

whstl|3 months ago

A lot of people at HN work in industries that track, or are the ones choosing to use the banners in the first place.