[HN Gopher] Europeans Spend 575M Hours Clicking Cookie Banners E...
___________________________________________________________________
Europeans Spend 575M Hours Clicking Cookie Banners Every Year
Author : vegasbrianc
Score : 83 points
Date : 2024-11-14 22:23 UTC (36 minutes ago)
(HTM) web link (legiscope.com)
(TXT) w3m dump (legiscope.com)
| josefrichter wrote:
| This is probably the biggest fail in the history of the European
| Union.
| dr_dshiv wrote:
| At least the most visible one!
| diggan wrote:
| If that's true, I'd have to agree that the EU is doing very,
| very, very well if that is the biggest fail. Unlikely to be
| true though, for better or worse.
| teruakohatu wrote:
| I am about as far from Europe as you can get, and I think my
| fellow kiwis also spent an inordinate about of time clicking EU
| mandated cookie banners.
|
| Cookies should be enforced in the browser. I think all the major
| browsers block third party cookies now. Bad actors can use other
| fingerprints to do tracking.
| diggan wrote:
| Correct URL: https://legiscope.com/blog/hidden-productivity-
| drain-cookie-...
|
| > This situation calls for an urgent revision of the ePrivacy
| Directive
|
| Shame companies cannot live without tracking cookies, and shame
| that the blame somehow end up on the regulation, rather than the
| companies who are the ones who introduce this cookie banner and
| "massive productivity loss".
|
| You know the best way of not having to put up cookie banners on
| your website? Don't store PII in cookies. You know the best way
| of not having to care about GDPR? Don't store PII.
| dmafreezone wrote:
| You know the best way to protect your PII from websites? Don't
| use the internet.
| JumpCrisscross wrote:
| > _shame that the blame somehow end up on the regulation,
| rather than the companies who are the ones who introduce this
| cookie banner and "massive productivity loss"_
|
| You can wish upon a star that humans weren't the way we are. In
| the real world, this was a predictable response to a stupid
| rule. (And in some cases a necessary one. For example, for
| websites requiring a login or reliant on ads.)
|
| > _know the best way of not having to care about GDPR? Don 't
| store PII_
|
| This is a nothing to hide argument [1]. Proving compliance with
| GDPR is tedious and expensive even if you're fully compliant.
| (Proving no jurisdiction is easier.)
|
| [1] https://en.m.wikipedia.org/wiki/Nothing_to_hide_argument
| diggan wrote:
| > this was a predictable response to a stupid rule
|
| It was predictable that ultimately people would blame the
| regulation instead of the companies? Not sure I understand
| what you mean, and even if you meant what I think you meant,
| not sure what the point is? People blame all sorts of things
| all the time...
|
| Edit since you've added more to your comment
|
| > Proving compliance with GDPR is tedious
|
| That's my point. No need to prove compliance if GDPR doesn't
| apply.
| gjsman-1000 wrote:
| Imagine you are a company.
|
| Follow the regulation too strictly: Zero consequences.
|
| Follow the regulation too loosely: Up to 10% of global
| turnover.
|
| Pick wisely. Who's fault is it for putting companies in
| this dilemma?
| diggan wrote:
| Except it's not that black and white. If you follow the
| regulation too loosely, you get warnings. If you then
| ignore the problem, you'd get bigger problems. But no one
| is gonna put a "10% of global turnover" as a fine
| immediately.
| gjsman-1000 wrote:
| > But no one is gonna put a "10% of global turnover" as a
| fine immediately.
|
| You're dealing with the EU. Stupidly high fines happen
| weekly.
| diggan wrote:
| > You're dealing with the EU. Stupidly high fines happen
| weekly.
|
| Thank you for making it clear you wasn't taking the
| conversation seriously, I almost thought someone could
| hold opinions like that in real life, but I'm happy it
| wasn't so.
| JumpCrisscross wrote:
| > _predictable that ultimately people would blame the
| regulation instead of the companies_
|
| It was predictable this would result in disclosure/consent
| spam.
|
| > _No need to prove compliance if GDPR doesn 't apply_
|
| If you are in the EU, GDPR applies. It may not be relevant.
| But you're subject to it and its regulatory arms. (And if
| you have a competitor in the EU, it's known practice you
| can waste time and money with requests and complaints.)
|
| Both laws' aims are noble. But they require tweaks.
| Starting with the cookie banners would be smart.
| diggan wrote:
| > If you are in the EU, GDPR applies. It may not be
| relevant. But you're subject to it and its regulatory
| arms.
|
| I think you might be missing that I'm talking about this
| from the companies perspective, not from the perspective
| of a person inside EU.
|
| If the company doesn't store any "personal data", GDPR
| has nothing to do with it. It's strictly about "personal
| data" as defined here:
| https://gdpr.eu/article-4-definitions/
| vegasbrianc wrote:
| Thanks, somehow the URL was truncated :(
| Alupis wrote:
| > Shame companies cannot live without tracking cookies
|
| Most cookies are entirely benign. Many cookies (or something
| like a cookie) are required for a website to operate normally.
| The EU law, while good intentioned, was/is too broad and failed
| to understand the realities of operating websites. This
| regulation has caused the entire world to be annoyed with
| useless cookie banners that 99% of people just reflexively
| click through - just like all of California's Prop65 warnings
| are ignored today.
|
| > Don't store PII.
|
| These hard-line statements defy reality. Many websites have
| legitimate need to store PII.
|
| > You know the best way of not having to care about GDPR?
|
| Don't be in the EU?
|
| Just ignore it. There are no consequences. If you don't have
| physical presence within the EU - there's little-to-zero the EU
| can do about it. The EU can think it's laws apply to the world
| all it wants - but the world disagrees.
| r3trohack3r wrote:
| > You know the best way of not having to care about GDPR? Don't
| store PII.
|
| I hear this a lot. As an American that hosts casual personal
| websites, I can't help but worry that I'm in violation of the
| GDPR.
|
| For example, my router logs connections for debugging. And my
| NGinx server maintains server logs for debugging.
|
| These contain IP addresses. I'm pretty sure those are
| considered PII under GDPR. And there are a lot of things I
| think that follow from that, things I haven't bothered to look
| into or implement. Like whatever policies, disclaimers,
| notifications, request handling processes, etc. that need to be
| in place to gather those logs.
|
| Whether or not I need a registered agent in the EU to host my
| website seems to be rather fuzzy too. It seems to come down to
| how "sensitive" the data I store in my logs are?
|
| Its also not clear to me whether my home router is subject to
| GDPR if it receives and logs a packet that was sent to it by an
| EU citizen, regardless of whether there was a public internet
| service hosted on that router or not.
|
| I mostly choose to not think about these things - but that
| nagging concern that my entire self-hosted digital presence
| violates European law does linger.
| coldpie wrote:
| Hop into your uBlock Origin settings and enable the Cookie Banner
| filters. Fixed. Enable the Annoyances filters too, while you're
| in there.
|
| If you're on iOS, the Kill Sticky bookmarklet does a decent job
| of cleaning these up without breaking most sites:
| https://www.smokingonabike.com/2024/01/20/take-back-your-web...
| tonymet wrote:
| content-based adblocking requires tremendous resources, and no
| longer works in Chrome, which is the primary browser.
| coldpie wrote:
| So use Firefox.
| ravenstine wrote:
| Those resources are well spent.
| diggan wrote:
| > Hop into your uBlock Origin settings and enable the Cookie
| Banner filters (and enable the Annoyances filters too, while
| you're in there). Fixed.
|
| Except for the pesky sites that somehow disable (or rather "not
| enable") certain things until you've "answered" the banner.
| Can't remember what site I hit that on most recently, but I had
| to disable uBlock, reload the page, click "Deny", and then the
| video/element worked.
| al_borland wrote:
| I use Hush on iOS.
| coldpie wrote:
| Oh nice, thanks. I'll give that a shot.
| gjsman-1000 wrote:
| Europe: Thoughtless regulations for yesterday's problems at
| tomorrow's expense.
|
| Or, as Emanuel Macron was recently saying, _today 's_ expense in
| precipitously declining economic competitiveness.
| brookst wrote:
| The EU regulatory regime is just comedic.
| jp57 wrote:
| So like 1hr per person per year?
| tonymet wrote:
| This destroyed the world wide web, which was the major driver of
| the internet as a consumer application. I'm referring to the
| experience of intelligent & creative publishers sharing content
| openly on the web. This did far more to destroy the world wide
| web than ads or tracking
| ben_w wrote:
| Has Facebook ever _not_ been hidden behind a login? Because
| even if that doesn 't count as "intelligent & creative
| publishers", it certainly set a much harder trend to get around
| than the banners.
| Seanambers wrote:
| This is the EU in a nutshell. You also have quite a few people
| defending this.
|
| GDPR is basically exactly what Bill Gurley talks about here ;
| https://www.youtube.com/watch?v=F9cO3-MLHOM
|
| Regulatory capture.
| lysace wrote:
| Also quite a few people (mostly from the north) fighting this
| idiocy.
|
| In general: Southern+Central EU wants to build a new USA.
| Northern states want to reduce the power of the EU. A common
| market is really the only thing we want.
| Darkskiez wrote:
| https://www.amazingcto.com/cookie-banners-are-not-needed/
| Y_Y wrote:
| If websites respected Do Not Track then things would be a lot
| easier. I think we need a right to be listened to. Right now it's
| enough online to insist on only accepting information in one
| particular way, like having a noreply email and making people
| login and submit since shitty web form to respond. Putting your
| hands over your ears and tape over your mail slot doesn't work in
| real life, it shouldn't work on the web either.
| patrick0d wrote:
| they could have made the law:
|
| >if you collect users data
|
| >you must ask first
|
| >add a yes or no button on a banner so they can pick
|
| but instead the eu citizens were let down by the legislators
| kalaksi wrote:
| Uhh, what do you think the law is?
| whstl wrote:
| This is indeed how it should be, and courts have consistently
| found enforced this.
|
| French law for example specifically says that any
| implementation must "allow the user to refuse the deposit of
| cookies as easily as to accept it." [1]
|
| [1] https://www.termsfeed.com/blog/cookie-consent-decline-
| reject...
| taosx wrote:
| The internet is broken and I don't think it's only in the EU. In
| the last years I found myself just avoiding using websites I'm
| not familiar with or confident they're not filled with ads and
| trackers, I've set-up some aggregators and custom readers to find
| and get the information I'm interested in. If I open a page that
| has the cookie banner that blocks me from reading the content or
| forces me to agree I just close it, it wouldn't have been that
| important anyway.
| frereubu wrote:
| "All" the EU needs to do is to mandate adherence to the Do Not
| Track setting in browsers, but then vast swathes of businesses
| based on unwanted and unethical tracking would go bust, so we
| have this really shitty stalemate.
|
| All websites we build adhere to the Do Not Track setting and
| don't even show a cookie banner if it's set. The only question is
| whether we should show a message to say that we're not tracking
| people because we see they've asked us not to! It's possibly a
| bit easier for us because we work primarily in the non-profit
| sector where ethics are perhaps a little higher up the agenda.
| JumpCrisscross wrote:
| > _but then vast swathes of businesses based on unwanted and
| unethical tracking would go bust, so we have this really shitty
| stalemate_
|
| They'd be supplanted by foreign competitors. That's the actual
| stalemate.
| keketi wrote:
| Because I use fresh incognito mode for each browsing session, I
| have to click through those consent popups on every website I
| visit. Quite frustrating to say the least.
| evanb wrote:
| [delayed]
| sharunkumarks wrote:
| Link is dead now?
| guywithahat wrote:
| The whole thing is a colossal waste too, it was a law written by
| people who don't understand tech for special interest groups who
| don't want to actually make things better.
|
| If you don't want a website doing something on your computer, you
| start with the browser, not the website.
___________________________________________________________________
(page generated 2024-11-14 23:00 UTC)