Background (which also explains why it's being rolled out in France first): <a href="https://www.theguardian.com/technology/2022/jan/06/france-fines-google-and-facebook-210m-over-user-tracking-cookies" rel="nofollow">https://www.theguardian.com/technology/2022/jan/06/france-fi...</a> - on January 6, Google was given 3 months to fix this, with a 100k fine for each additional day.<p>I'm wondering why it took slightly but not significantly more than the 3 months. On one hand, adding a button doesn't have to take 3 months despite all the necessary reviews etc., not if it's actually considered a priority. On the other hand, if the benefits were considered worth the fine/fee, you'd expect a bigger delay.
The linked source: <a href="https://blog.google/around-the-globe/google-europe/new-cookie-choices-in-europe/" rel="nofollow">https://blog.google/around-the-globe/google-europe/new-cooki...</a><p>It is "funny" reading that, the amount of energy they spend to be illegal but only just so that they can squeeze as much dark patterns on their users before they get a fine. Rinse and repeat.<p>For normal companies / webmasters it is quite simple though. You don't have anything to gain from extorting your users. So please respect your users instead.<p>Don't use shady practices that require you to bring up a cookie-banner in the first place. Just don't.
I still don't understand why this is a website thing and not an user-agent^W^W webbrowser thing.<p>EU could have requested browser vendors to implement a mechanism to accept or reject cookies. We wouldn't have those oddly designed (and infrequently infested with dark patterns in attempt to sway users towards accepting everything) bars and popups, and it would've been 100% reliable (and even the reject decision would be remembered correctly) instead of hoping that website actually respects the choice instead of having a banner that does absolutely nothing.
Somewhat ironic that the cookie banner of theverge.com is using the same tactics/patterns (or even worse, according to UBlock Origin) that Google was fined for.
It’s so offensive when companies offer the two options “let us track you, or: go through this weird menu to disable tracking”.<p>You know wouldn’t it just be kind to the user to make it easy to go un tracked? Upsetting that they have to be compelled to do it.
What an amazing win for Europe, and the GDPR.<p>This isn't about just the button. Until a few years, "you're not the customer; you're the product" was the norm for a typical user's interaction with the internet, and they were powerless to change that.<p>Then the GDPR came along, declaring that users have fundamental right to their data, and as such, they no longer can be forced to be "the product" without their consent. One of its most empowering rules, however, is in Article 7 (4):<p><i>"When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract."</i><p>So consent must be (1) freely given, and (2) it's not free if you're blocking access to service A by requiring consent for service B, when B is unnecessary for performing A.<p>Hence, a search engine cannot force you to consent to tracking for advertising purposes, because technically, the search engine doesn't need it.<p>So how can the search engine make money? One popular way that has already been ruled as legal is to offer two plans: a paid plan with no ads and tracking, or a free plan with ads and tracking (in essence, it's a paid plan and you're paying for it with tracking).
Good!<p>Now can Google please also respect the DNT header and automatically reject all cookies if present? That would demonstrate real leadership and putting the user experience first.
I saw this the other day on youtube, it appeared, saw the middle Reject All button, clicked it, closed and reset the browser, tried again and it didnt appear!<p>Were they testing bots?!?<p>Regarding the Reject All button, its about bloody time, these tech giants have plenty of other surveillance methods at their disposal if they want to go down that creepy criminal online stalking route, exploiting people's lack of knowledge to make sure shareholders and employees are getting their top dollar.
Still no button in France, any ETA on the release?<p><a href="https://imgur.com/a/6gQUoBK" rel="nofollow">https://imgur.com/a/6gQUoBK</a>
Does this "reject all" accept the "legitimate uses" which very clearly break GDPR?<p>Most GDPR dialog windows I've encountered have made it harder to opt out of what they incorrectly claim to be "legitimate interests". According to GDPR, a "legitimate interest" has very clear requirements, which are by no means met. This "legitimate interests" very often includes things like "creating a personalized add profile and tying it to external data lakes and devices", which is by no means necessary in order to provide the service.<p>I'm waiting for what has become the de-facto abuse of GDPR to have a serious reckoning.
I've noticed when I go to configure my cookies on European sites, most of them default to all the tracking stuff turned off. Is that typical? Is it required by the law? They still do everything they can in the UI to encourage you to "accept all", but there's generally a single button to click to "reject all" and it'd be more work to pick and choose.
update: they added it and with EU vpn you can press the reject button!
A. will other websites follow? (its so stupid that we had accept all or "more information" button, but never reject and its crazy)
B. does it do anything really? i never save cookies in the first place.
In my opinion the whole 'cookie banner industry' sucks. From a customer perspective I'm completely annoyed with different types of banners wasting my time with searching the right button, waiting because of artificial delays, clicking through layers of fake settings to find the reject option and other dark patterns.
However, from a provider perspective things a not better. Unnecessary waste of time and money to look for plugins and services to deal with cookie walls to avoid GDPR problems.
Best thing would be a EU enforcing the use of a standard browser API to ask for tracking. Just as simple as asking me if I want to share my location or webcam with an option to remember for this domain.
someone needs to step up to Google on this side of the Atlantic. They are constantly in the news regarding their tracking. tracking should be off by default. all cookies should be ban except session cookies that expire when browser closes. we already have saved passwords and logins for browsers
At least in the past, I remember to see the same youtube recommendations even after deleting all cookies etc from the browser. So google was fingerprinting you in one way or the other. I doubt this changed. So what is the point of not using cookies? They are tracking you anyway.
Any company that didn't have this set up already can reside at the bottom of the ocean with the rest of the bottom feeders (no disrespect to the mussels)
OK, so there's a single button, and if you press it, all Google properties will stop tracking you across all sites?<p>Bulls@#t.<p>Next they'll be claiming they never monetize user data.
So because of the government, I now have to deal with a clearer obtrusive cookie banner all over the internet…<p>Thanks????<p>Where would we be without big government? It definitely made the internet a much better experience.<p>Next law they are probably going to try to pass is force all app makers to use cross platform frameworks like Electron to prevent monopoles.
These consent forms are such a sabotage on the original idea.<p>The idea being, as far as i remember, you set your preferences once.
In a container on your machines under your control.<p>Then the site and the container negotiate. Either the side is willing to accept your preferences - or it denies showing to you - or presents you a "negotiated" down version.
No clicking. No visible banners. No large forms and lawyer legalese.<p>Just a privacy level setting for the web via standardized API. Europe at least tried but dropped the ball.