Hacker News new | past | comments | ask | show | jobs | submit login

Thanks marketing people that decided to double down despite the clear distaste of the general public at their relentless tracking.



Is this the clear distaste of the general public or an overreaction with bad regulation by a government authority?

It’s been how many years now and GDPR has done very little to improve anything despite the cookie prompts on websites everywhere?

At this point they are as useful as TOS (not) with the annoyance of seeing one every website.


I like the banner, it lets me know to turn back.


The properly GDPR compliant cookie banners allow you to itemize certain items on the website's TOS that you may choose to accept or not accept. Website TOS are very useful for the company operating the website and the cookie rules allow you as a visitor to get some of that usefulness back.


How do you know GDPR has done very little?


Browsers like Firefox could hypothetically kill cookies in their browser tomorrow but doesn't. Or at least make a big stink about it. Do you think they should? Do you think we'd be better off as a society?


Yes we'd be better off if cookies were removed.

But if it was only Firefox, people would simply add banners saying "Firefox is not supported." since it's only like 3% of marketshare these days.


I think when you click "accept", you also accept to things like fingerprinting and storing a fingerprinted identity on their server, as well as perhaps supercookies, that allow your ISP to track you.


Browsers can't tell if a cookie is a generic setting ("chose Yes/No on a banner") or a uniquely identifiable one; and they can't tell if a cookie is functionally required (ID for a logged-in session) or not (ID to track random visitors).

The distinction is legal, not technical; so it has to be enforced by legal, not technical means.


Firefox COULD default to cookies off (with an in menu widget to force them on for non-automatic handling), and if any forum submission happens _ask_ if the end user wants to accept the site's cookies.


Looking at a typical site, a reasonable user might want to accept one (or perhaps a couple) of many dozens of cookies a site attempts to set. Choosing it manually per site per cookie is difficult but perhaps theoretically possible, however even that still requires cooperation from the site to honestly identify that this one is the cookie which is functionally required, and these fifty are for ad tracking, and ensuring that cooperation still requires legal means and can't be done with purely technical ones.

Furthermore, there is the important distinction about multiple uses of the same data. There are uniquely identifiable cookies that are functionally required for one purpose but the site may want to use it for other purposes as well (e.g. share that data with heir "trusted partners" for targeted advertising) for which user may reasonably want to refuse permission, so a browser accepting a cookie doesn't imply such permission and something extra is required.


It's a bad system that allows that and popups to be incentivized. The worst systems are created with the best intentions. Is ignorance an excuse?




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: