
Ask HN: Is GDPR becoming tl;dr Cookie law all over again? - holografix
Countless examples of “Click accept all or you don’t get access to this content” around. After being prevented from seeing half the web are users simply clicking ok to get rid of the messages and carry on?
======
rendx
This is not the intent of the law, and a blatant misinterpretation.

Even the "cookie law" does not require to get consent (aka a popup you
ignore), unless you use cookies for purposes besides e.g. session management.

"Consent is not required if the cookie is: (1) used for the sole purpose of
carrying out the transmission of a communication, and (2) strictly necessary
in order for the provider of an information society service explicitly
required by the user to provide that service."
[http://ec.europa.eu/ipg/basics/legal/cookies/](http://ec.europa.eu/ipg/basics/legal/cookies/)

Even "worse" for GDPR: You need clear consent to use personal data. That
consent is implied if all you are using the data for is in direct relationship
to (required for) the expected service. So, you only really need additional
explicit consent if you're using data for other things (like profiling,
targeted ads etc), AND, more importantly, you cannot require this consent for
the actual service but it has to be purely optional.

