Hacker News new | past | comments | ask | show | jobs | submit login

As a web developer I gotta say the only true solution to this is to stop using the internet altogether. Might as well shut the internet down.

We can't authenticate you without cookies or some other form of identification, so that throws out any site with an account.

Even if I am not even remotely interested in tracking what pages you view on my website if I need to have you login and authenticate I need some form of cookie / session ID.

If you need to be anonymous use a browser like Firefox Focus or similar but understand that you won't be able to log in for longer than a single session, if at all.

Cancel GDPR and similar privacy laws before we outlaw the [useful] internet completely. These laws are a mess written by people who honestly are not remotely qualified to make these kinds of decisions.

I'm all for the option of privacy but it's your own responsibility -- stop using the internet leave all your electronics at home and go ride your horse into the wilderness and breathe some fresh air if you want privacy.

As I'm sure you'll be told by the time I finish writing this comment: authentication cookies do not need a compliance banner.

While I'm certainly not going to argue in favor of the GDPR, the "cooking warning" actually specifically excludes cookies used for things like authentication. It covers cookies used for other purposes, such as trackers.

From my understanding if the cookie is for an account on a website (which usually is only required to store private information such as name, email, address, etc) you would need to display the cookie warning.

Cookies are only affected if they are not a core and essential part of the product's functionality, and can identify the user. You could also argue that authentication may not be an essential part of an app's functionality, but you would not be successful; it's well-established by now.

According to the following you still are required to display the cookie warning/banner, but without the consent requirement.


Exemptions to the consent requirement Some cookies are exempt from the consent requirement and therefore are not subject to preventive blocking (though you’re still required to have the banner and cookie policy in place). The exemptions are as follows:

Technical cookies strictly necessary for the provision of the service. These include preference cookies, session cookies, load balancing, etc. Statistical cookies managed directly by you (not third-parties), providing that the data is not used for profiling Statistical (anonymized) third-party cookies (e.g. Google Analytics)* *This exemption is may not be applicable for all regions and is therefore subject to specific local regulations.

Your post is at the bottom, as a proof of why we can't have nice things. People don't understand that it's MY webiste, not a property of the users or some EU's fattie bureaucrat. If they don't like my website they can just not visit instead of telling me how my w3bsite must behave.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact