Hacker News new | past | comments | ask | show | jobs | submit login

Hey, as long as they don't have those dark pattern cookie consent forms, I'm a happy camper. The EU should really have specified that accept all/decline all should be a top level choice instead of "Accept all" with the alternative being "learn more" leading to submenus for every one of the 891 "partners".



That is already the case:

> The GDPR is specific that consent must be as 'easy to withdraw as to give', meaning that a reject-all button must be as easy to access in terms of clicks and visibility as an 'accept all' button.

Source: https://en.wikipedia.org/wiki/HTTP_cookie#EU_cookie_directiv...


what is required is not the same as what happens in practice. Visit any wiki.gg site and see what they're doing.


When visiting a wiki.gg website from the EU I'm seeing an "Allow essential cookies" button next to "Accept all". This seems compliant with the EU laws - the laws are against non-essential cookies only; same source as in grandparent comment:

> European law requires that all websites targeting European Union member states gain "informed consent" from users before storing non-essential cookies on their device.

But yes, this is not the case on fandom wikis - in practice these are not compliant.


The law is not enforced. The non-enforcement is largely by design/lobby though.


This law hasn't been enforced here but it's not like it has never been enforced; major websites like Google, Facebook and others were forced to add "reject all": https://www.theverge.com/2022/4/21/23035289/google-reject-al...


It took EU enforcement eight years to enforce obvious violations of the law for a few companies. The illegal nags are still rampant.

And e.g. Meta (and many newspapers) already has a new obviously illegal tracking scheme with the "pay to not track".

The intended effect of GDPR would have been easily gotten with legally binding do-not-track and similar automated means. Very few people want to be tracked, but most of them are against their true consent.


> The GDPR is specific that consent must be as 'easy to withdraw as to give'

We all know what it means, but it isn't specific enough. "Single click no" or something to that effect. And don't get me started on "legitimate" interest...


I've been seeing more and more sites with a "Subscribe/pay to decline cookies" option




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: