A notice asking if you want only necessary cookies or all cookies, including ones that profile you, is like a maître d’ asking you “would you like to dine with us or would you like to dine with us and have your organs harvested?” What about my entering your restaurant prompted you to think I’d ever want the latter?

@aral I think the intention behind the laws protecting privacy online is good, but the implementation has just made things worse, in that most people will just click agree to get to the site, so they are legally agreeing to something that was just happening without agreement before.


@aral It could have been done in a different way, where the law set out different classes of tracking that you could agree to or not as a policy that was set in the browser. E.g. no tracking, only tracking within this domain, and any tracking. Then people could set a global policy they were happy with and the browser would negotiate with the individual sites. That way you could make a meaningful decision when you set the policy rather than having to read (or not read) all these notices.

@highfellow @aral

There is already a do-not-track setting in most browsers, since it's part of the html standard.

Two things which I wish the GDPR had done was:
1: Make it mandatory to respect the DNT setting. If it's set, that means no tracking.
2: Make it mandatory to have a "no" option equally visible and just as quick to select as the "yes to all" option.

That would have removed a lot of the hassle which companies are now annoying us with.

@Mr_Teatime @aral thanks for letting me know about the do not track option - I didn't know about that. I agree that it would have been good if the EU had made it mandatory for companies to respect that setting. My idea was for a more fine grained set of choices as to what level of tracking you were willing to allow and for what purposes,but a simple yes or no would be okay too.

I suppose there would have been a case for extending DNT to more fine-grained settings -- if it had ever been actually used for its purpose.

Although: That would require people to configure those settings. And if you want to allow a particular website to keep you logged in or similar, you could still click on a button there to confirm a DNT exception that lets them set a cookie which contains that information (and is only readable by them)


Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!