WingNews logo WingNews
top | item 47007786

(no title)

mcny | 16 days ago

You don't have to have a cookie popup if you don't do stupid stuff. Don't use anything other than strictly necessary cookies and you are good to go.

Disclaimer: I anal and this is not legal advice.

discuss

order

rpdillon|16 days ago

Having worked at multiple companies and talked to multiple legal teams about this, they tend to be very conservative. So the guidance I've gotten is that if we store any information at all on the person's computer, even to know whether they've visited the site before, we still need a cookie banner.

Basically, the law created enough fear among the lawyers that software developers are being advised to include the cookie banner in cases where it isn't strictly needed.

norman784|16 days ago

But it should not be obnoxious, look at steam how is a small banner with two simple actions, vs all other cookie banners.

dheera|16 days ago

If I see a cookie banner I often bounce.

You'd have much better retention rates if you don't cover up the content the viewer is trying to view.

How would you like it if I shoved a banner in your face the moment you walked into a store and forced you to punch a hole in it in order to view items on the shelves?

stephenr|16 days ago

> even to know whether they've visited the site before

So uh, don't do that.

You don't need to notify if you use cookies for required functionality like login sessions or remembering a functional setting.

If you're tracking whether they're returning or not your activity is exactly the kind of behaviour the rule is covering because, in legal terms, it's skeezy as fuck.

rendx|16 days ago

So? You're not arguing that we should get rid of 'reasonable' laws out of misinterpretations of them, are you?

tikkabhuna|16 days ago

Yep. GitHub wrote a blog post on removing their cookie banner years ago.

https://github.blog/news-insights/company-news/no-cookie-for...

kbelder|16 days ago

>At GitHub, we want to protect developer privacy, and we find cookie banners quite irritating, so we decided to look for a solution. After a brief search, we found one: just don’t use any non-essential cookies. Pretty simple, really.

Go to that link, these are the cookies it writes (at least for me):

    * _ga
    * _gcl_au
    * octo
    * ai_session
    * cfz_adobe
    * cfz_google-analytics_v4
    * GHCC
    * kndctr_
    *_AdobeOrg_identity
    * MicrosoftApplicationsTelemtryDeviceId
    * OptanonConsent
    * zaraz-consent
Some are from github.blog, some are from the cloudflare.com hosting. Not sure how the laws apply to that. But obviously there's several analytics cookies.

Devorlon|16 days ago

I get a cookie banner accessing that page.

nozzlegear|16 days ago

Don't several of the EU's own government information websites use cookie popups?

reddalo|16 days ago

Yes; but usually it's because they embed videos from YouTube or other external sources that force cookies to be set.

grumbel|15 days ago

All the legal uncertainty problems the cookie law produces aside, the core problem with the law is that it's fundamentally stupid. Cookies are a client side feature: You store the cookie, not the server. If you don't want to store the cookie, complain to your browser, that's the software responsible here. But instead of fixing the issue in the one place actually responsible, we make laws that force millions of websites to adopt.

mattlutze|15 days ago

You only start to need the popups if you specifically put cookies on a visitor's browser to build a personal profile of them.

This can be for e.g. sales acquisition or marketing engagement, but also includes cookies to simplify login, so not everything is "stupid stuff." A cookie that stores "was here, skip the splash page" may already fall afowl, if you put any session metadata in it.

Saline9515|15 days ago

It is just bad UI. It could have been better implemented, such as with a browser-side opt out setting, for instance. Similar to what we have for permissions, for instance.

gunapologist99|15 days ago

Why do governments think they are experts in user interfaces or UX?

dathinab|16 days ago

if you don't track users you don't need GDPR consent dialogs

I think in the past you still needed some info box in the corner with a link to the data policy. But I think that isn't needed anymore (to be clear not a consent dialog, a informational only thing). Also you can without additional consent store a same site/domain cookie remembering you dismissing or clicking on it and not showing it again (btw. same for opting out of being tracked).

But there are some old pre-GDPR laws in some countries (not EU wide AFIK) which do require actual cookie banners (in difference to GDPR consent dialogs or informational things). EU want them removed, but politic moves slow AF so not sure what the sate of this is.

So yes without checking if all the older misguided laws have been dismissed, you probably should have a small banner at the bottom telling people "we don't track you but for ... reasons .. [link] [ok]" even if you don't track people :(. But also if they haven't gotten dismissed they should be dismissed very soon.

Still such a banner is non obnoxious, little annoying (on PC, Tablet, a bit more annoying on Phone). And isn't that harass people to allow you to spy on them nonsense we have everywhere.

vasco|15 days ago

[deleted]