So many sites do:
“Here are cookie, advertising, tracking policies. Here is an OK button.”
After not clicking the ok button but attempting to continue:
“You must agree to our tracking policy”
That is explicitly not allowed/illegal under GDPR.
American companies including the Washington Post really have a damn hard time wrapping their head around that an agreement means you can decline to agree to it, and GDRP says refusing to be tracked is not grounds for a site to refuse service.
@szbalint Technically, that's not correct afaik. It's only illegal to require consent for collecting data in order to fulfill a contract. You do not have an implicit contract with a site you're not logged in and subscribed to, or any kind of right for a website to serve you. And as GDPR allows to store data for "legitimate interests" an ad-based website could argue that their revenue is based on adding those trackers.
@szbalint Don't get me wrong, I'm as anti-tracking as it gets, but I have a strong feeling that many people will have a rough awakening after lawsuits in the near future. GDPR allows for quite some nasty stuff.
@szbalint try forbes.com, it is a beautiful example of forced consent with a bureaucracy of pointless toggles and fake loading bars.
@szbalint "If you click agree or continue to use this site, we do what we want with your data."
@szbalint Declining the agreement means declining to use the site, in this case.
And, in the US, any business has a right to refuse service, for any reason other than being a member of a protected class.
Declining cookies is not a protected class. EU laws do not trump the US constitution, and our laws. And, freedom of the press is a protected right.
@szbalint @torgo Yeah, seen so much of this. My experience of using the web has gotten markedly worse since GDPR, because the consent panels are much more intrusive and blocking, with no way to refuse. I hope this will start to change when the court cases start happening... In the meantime, I'll be using the browser dev tools and hiding consent panel elements more often ;)
@szbalint this isn't new, IIRC under the previous legislation one should have had the right to reject cookies. luckily "reader view" is a decent workaround.
I do wonder how GPDR will (if at all) affect Mastoadmins.
@szbalint the Upton Sinclair quote comes to mind: "It is difficult to get a man to understand something, when his salary depends upon his not understanding it!"
@szbalint noScript the java script blocker lets you choose which code runs in your browser. this helps with news sites like the washington post.
@szbalint
I never thought I'd see privacy as a basic human right return in my lifetime. I just wish it would hurry up and make its way over to this side of the pond.
Our downstairs neighbors call themselves "the land of the free" but that hasn't been realistic for quite some time.
Penologists call that concept "blackmailing".
One almost wonders if the US and UK might have laws against it.
🤔
@szbalint If it is "essential to the service" apparently they can refuse the service.
It simply doesn't make sense to me either. If you want to log in, it is practically impossible to do without the use of cookies. But much of the other things that people (at least people in the know) would like to be able to opt out of, are not essential.
"domain privacy service" is *not* essential to the service. You shouldn't be opting people *in* in the name of complying with GDRP.