EDIT: I didn’t realize the anger this would bring out of people. It was supposed to be a funny meme based on recent real-life situations I’ve encountered, not an attack on the EU.

I appreciate the effort of the EU cookie laws. The practice of them just doesn’t live up to the theory of the law. Shady companies are always going to find a way to be shady.

    • purplemonkeymad@programming.dev
      link
      fedilink
      arrow-up
      87
      arrow-down
      1
      ·
      1 year ago

      IIRC the EU also ruled that burying the rejection options under additional links counts as a violation. Hence why Google now has a Reject button next to the accept button. Most sites still do that.

      • crunchpaste@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        36
        arrow-down
        1
        ·
        1 year ago

        Do you know if there is a EU-wide place to report such behavior?

        The biggest privately owned TV channel in my country not only does that, but actually just redirects you to a pdf file if you want to “manage cookies”. And it’s not like I can submit a complaint on a national level, as the ruling party’s website uses google analytics without a cookie notice at all.

        • sunbeam60@lemmy.one
          link
          fedilink
          arrow-up
          4
          arrow-down
          1
          ·
          1 year ago

          I mean almost all websites fall foul of that. You often have to bury deep and end up with a palette of complicated choices and acceptances of individual tracking companies. It’s a bloody mess. The EU should just have mandated “do not track” adherence. There’s already a standard; just enforce it.

          • 👁️👄👁️@lemm.ee
            link
            fedilink
            English
            arrow-up
            6
            ·
            edit-2
            1 year ago

            Yeah this is very common, I don’t know why other people on here are gaslighting like it doesn’t happen. It’s this way for major sites like YouTube/Twitter/Twitch/etc too. Hell even embedding a YouTube video on a site is violating GDPR. It’s a good idea, but needs a version 2.0 patch to fix some exploits.

      • Carighan Maconar@lemmy.world
        link
        fedilink
        arrow-up
        21
        arrow-down
        1
        ·
        1 year ago

        Because they rest safe in the knowledge that you rarely if ever get taken to court for it. There are millions of web pages, it needs people to take action to do something about it, and just clicking “Yes all of them” to access the content you were just trying to get to is a far better solution in most situations than hiring a lawyer and investing a few years of legal proceedings, nevermind the money.

    • Sysosmaster@infosec.pub
      link
      fedilink
      arrow-up
      15
      ·
      1 year ago

      even worse offenders are the ones with tick boxes for “Legitimate Interest”, since legitimate interest is another grounds for processing (just ads freely given consent is one), the fact you got a “tick” box for it makes it NOT legitimate interest within the confines of the GDPR.

      it also doesn’t matter what technology you use whether its cookies / urls / images / local storage / spy satellites. its solely about how you use the data…

    • _number8_@lemmy.world
      link
      fedilink
      arrow-up
      11
      arrow-down
      2
      ·
      1 year ago

      why are the EU the only people that bother to actually govern in a modern and helpful way

    • Steeve@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      1 year ago

      But what are they going to do about it?

      “Here’s a fine, if you don’t pay it your site can no longer operate in the EU”

      “… ok”

    • ecamitor@beehaw.org
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      They found a way around: accept all cookies or pay 2€/months. And it was decied legal by GDPR authorities

      • koper@feddit.nl
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Some national authorities allow it, most don’t. The final word will be from the CJEU or the EDPB.

    • GreenMario@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Then half the web violates it or there is One Pixel button that closes the damn popup.

      • Honytawk@lemmy.zip
        link
        fedilink
        arrow-up
        9
        arrow-down
        1
        ·
        1 year ago

        Yeah, it is great here.

        Either the website is great and doesn’t ask anything.

        Or it asks for cookie consent, which you can decline in 1 click.

        Or it pulls one of those “break the website” tricks which will get them sued sooner or later.

        Or they block access to EU members, at which point you know they only exist to extract your data anyway.

        • twistypencil@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          I think it would be a worthwhile research project to find out how many users just click through these, accepting what the website wants you to accept by default. It effectively operates like a EULA for every single website, which produces overall fatigue and lack of care. When you’ve visited 20 sites in one day, you just start being irritated by having to constantly make a decision before you can view any content, and just mash whatever button you need to proceed.

      • Faresh@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        I also live in Europe and almost all websites display a dialog that asks you to choose cookie preferences. However, it seems that some few websites, mostly german (spiegel.de, gutefrage) that give you the opetion to browse with ads and cookies or pay. I do not use those websites and I imagine it is not legal.

    • Touching_Grass@lemmy.world
      link
      fedilink
      arrow-up
      12
      arrow-down
      101
      ·
      edit-2
      1 year ago

      I’m working hard to make sure all websites do that.

      You will be internet free in 5 years. Yes, I wear a cape

  • Scoopta@programming.dev
    link
    fedilink
    arrow-up
    128
    arrow-down
    1
    ·
    1 year ago

    I refuse to go to sites that do this, I also refuse to go to sites that block adblock…and specially the sites that detect and block private browsing, that one shouldn’t even be a thing

    • Zikeji@programming.dev
      link
      fedilink
      English
      arrow-up
      33
      ·
      1 year ago

      Sites that block adblock - I have network based filtering I’m not going to take the time to specifically figure out what ad providers you’re using (which is probably that same as everyone else) just to unblock your shitty site.

    • ozymandias117@lemmy.world
      link
      fedilink
      English
      arrow-up
      24
      arrow-down
      1
      ·
      1 year ago

      The fun part is that websites that do this are illegal in the EU

      They need to start flexing that 4% revenue / year fines

      • Big P@feddit.uk
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        I hope one day they just start fining everyone doing it all at once

        • corsicanguppy@lemmy.ca
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          And i hope they start using that sizing thing at airports to keep people from carrying on their massive samsonite tuba-sized suitcases and jamming them into the entirety of the overhead storage.

          But we can’t always get what we want.

    • Ignotum@lemmy.world
      link
      fedilink
      arrow-up
      12
      ·
      1 year ago

      I don’t use adblock, and yet i keep getting “disable adblock to view this” messages, fuck this shit

        • Ignotum@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          I did have adguard set up, but i disabled it thinking it could help with this issue, which it sadly didn’t

      • Trainguyrom@reddthat.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Most browsers block some ads by default as well as some other privacy protections nowadays. I’m guessing whatever sites you’re hitting have advertisers so scummy they’re blocked by default

        • Ignotum@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Might be, might be

          I’m using Firefox and might’ve set a couple of the privacy settings “too high”, haven’t checked those in forever

    • hairyballs@programming.dev
      link
      fedilink
      arrow-up
      12
      arrow-down
      1
      ·
      1 year ago

      Why the fuck would they prevent private browsing? I use that a lot to be sure the session is closed correctly.

      • Scoopta@programming.dev
        link
        fedilink
        arrow-up
        10
        ·
        1 year ago

        There’s lots of newspaper sites in the US, that do this. They’ll be like “wanna use private browsing, make an account, or go visit from normal browsing.” Idk why they do it but they do. Apparently there are discrepancies in the way browsers handle persistent storage features between private and non-private browsing that allow for detection

  • CanadaPlus@lemmy.sdf.org
    link
    fedilink
    arrow-up
    73
    arrow-down
    2
    ·
    1 year ago

    I’m pretty sure breaking your website with no cookies is against the rules, actually. It’s either serve the EU with GDPR-compliance or GTFO entirely.

    Yeah, you could still just break the law, but as usual there’s a cost to that one way or the other.

    • Vuraniute@thelemmy.club
      link
      fedilink
      arrow-up
      15
      ·
      1 year ago

      this. and honestly I wish more websites followed the “serve under gdpr or don’t have a European marker”. A random blog once wasn’t available in the EU because of GDPR. And you know what? It’s better than them violating GDPR and the EU doing nothing.

    • Big P@feddit.uk
      link
      fedilink
      English
      arrow-up
      15
      ·
      1 year ago

      Tons of companies break the cookie law already, but enforcement seems to be rare

    • jabjoe@feddit.uk
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      It’s more about the big boys. If they act in a way that breaks the GDPR, now the EU has a stick to hit them with.

  • SloganLessons@kbin.social
    link
    fedilink
    arrow-up
    58
    arrow-down
    10
    ·
    1 year ago

    Yeah being unable to open… checks notes local news websites from the US has been a real deal breaker

    • kubica@kbin.social
      link
      fedilink
      arrow-up
      13
      ·
      1 year ago

      Sometimes its relieving when you go to do something and you find out that you have already finished, lol.

    • MDFL@programming.devOP
      link
      fedilink
      arrow-up
      12
      arrow-down
      2
      ·
      1 year ago

      I have run into this recently on several non-US, non-news sites. I have actually never run into it on US local news sites, so I don’t know what you’re on about.

    • amio@kbin.social
      link
      fedilink
      arrow-up
      4
      arrow-down
      3
      ·
      1 year ago

      Frankly I wish I could fit more US politics into my life, so it’s been hard, I tells ya.

  • genoxidedev1@kbin.social
    link
    fedilink
    arrow-up
    45
    arrow-down
    4
    ·
    1 year ago

    That’s gotta be quite some website you visited, if it didn’t load at all without cookies. As someone from Germany, who mostly rejects every sites cookies, except for the essential ones most of the time, but sometimes outright rejects all cookies, I’ve never encountered a website that refused to load upon doing that.

    Not defending any webpages that do do that, just contributing my personal experience.

    Also: this for chrome or this for fiefrerfx

  • Queen HawlSera@lemm.ee
    link
    fedilink
    English
    arrow-up
    33
    arrow-down
    4
    ·
    1 year ago

    I feel like people would have responded to this meme better if you didn’t depict the European Union as an NPC

      • Honytawk@lemmy.zip
        link
        fedilink
        arrow-up
        9
        arrow-down
        1
        ·
        1 year ago

        People complaining about the cookie law don’t understand the issue.

        The law doesn’t state that websites have to show a cookie banner. It states that if a website wants to track you with cookies, they have to ask permission.

        You can get websites (like lemmy and wikipedia) that don’t ask for cookies, because none of them try to track you.

        So if a websites demands cookies or they don’t allow access, it is a clear sign that the website only cares about your visit if they can invade your privacy for profit.

        Meaning it will just be a dumb clickbait website with no decent content anyway, that you should just skip.

      • stevedidWHAT@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        1
        ·
        1 year ago

        The businesses who are actually doing this shit and not the people actually trying to solve issues in the world lmfao.

    • Oddbin@lemmy.world
      link
      fedilink
      arrow-up
      21
      ·
      1 year ago

      There’s a medical website that appears in top searches (forget the name) that does it too but yeah, mostly seems to be news websites but not the big ones. In most cases Unlock Origin or the like can hide the panel they throw up to choose if you really need the info or archive or 12ft ladder can get you the info.

  • DeriHunter@lemmy.world
    link
    fedilink
    arrow-up
    20
    arrow-down
    1
    ·
    1 year ago

    Serious question: I know that there are tracking cookies and the user should be able to decline those,but most sites have an auth cookie that stores you’re credentials. The devs can store it in a different place like local storage but thats really unsecured.what can the devs do in this situation when the user decline all cookies?

    • fosforus@sopuli.xyz
      link
      fedilink
      arrow-up
      31
      arrow-down
      1
      ·
      1 year ago

      Cookies that are crucial for the functioning of the website cannot be disabled by the user.

      • sip@programming.dev
        link
        fedilink
        arrow-up
        11
        arrow-down
        2
        ·
        edit-2
        1 year ago

        well, they can be disabled by the user and the site simply won’t work.

        • shastaxc@lemm.ee
          link
          fedilink
          arrow-up
          8
          ·
          1 year ago

          He means they are exempt from the EU law that says the use must be presented with the option to disable it

    • Kevin Noodle@lemmy.world
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      Usually the prompts are specifically for tracking cookies, not essential ones for login. Alternatives without cookies:

      • URL sessions
      • Tokens
      • OAuth/OIDC third party
      • Local/Session Storage (ditto - mind the risks)
    • nothacking@discuss.tchncs.de
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      The GDPR is not “cookie law”, it only prohibits tracking users in a way not essential to the operation of the site using locally stored identifiers (cookies, local storage, indexed DB…)

      Storing a cookie to track login sessions, or color scheme preference does not require asking the user or allowing them to decline.

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      What the dev can do if user decline processing of personal data is not store such personal data in cookies or anywhere.

      Or even better, do not track the user so the consent would only be needed in for example registration form.

  • nothacking@discuss.tchncs.de
    link
    fedilink
    arrow-up
    15
    ·
    1 year ago

    Nearly all of these are illegal, but sadly there is little enforcement when it comes to this. (Tracking must be opt-in, not opt-out. Ignoring a banner must be interpreted as declining. Opting out must be a simple option, not navigating a complex and misleading menus. The users choice applies to any form of tracking, not just cookies…)

    • ozymandias117@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      2
      ·
      1 year ago

      No? If a website refuses to load because you refused tracking cookies, it’s still illegal under GDPR

      • RegularGoose@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        It’s becoming a lot easier to use the internet a lot less. It’s been turned into such a user-hostile space so domineered by corporations and fascists that most of the internet doesn’t really hold much of an appeal anymore, at least for me.

        If the internet died tomorrow and didn’t come back, I’d be annoyed about not being able to use it to order food, manage my bank account, or watch shows/movies, but the world would likely be an overall better place once logistics re-adapted to not having it.

        The internet was cool for the first 10-15 years, but it’s been a rapidly worsening cesspit for a long time. Nothing the internet can offer us is worth also tolerating it as a tool for inescapable government and corporate surveillance, and as the most effective imagineable breeding ground for fascism and disinformation.

        The internet makes our lives worse in so many more ways than it imporves them, and people are too fucking addicted to it to give a shit.

      • Honytawk@lemmy.zip
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        If you really don’t want to bother, you can use the consent-o-matic addon for Firefox that automatically declines every cookie possible.

  • smileyhead@discuss.tchncs.de
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago
    1. This was not about cookies, but processing of personal data and new definitions of such data. Cookies was just an example.
    2. By those laws, forcing user to consent with denying access to the service is declared illegal.