Periodic reminder that EU did not mandate cookie popups.
Cookie popups are yet another example of malicious complience by an industry that wants to use and abuse data about us all.

@borup another bit of malicious compliance for the sin-bin: when websites are like "we're setting your cookie preferences, please wait, this may take a few minutes" and then they show you a loading spinner hoping you'll get sick of it and close the preference thing.

Also cookie settings pages that don't let you click "reject all" but make you reject each "partner" individually. Death to all marketing bastards.

@borup How, exactly, did you expect websites to ask for consent, then? Such a silly assertion to make.

@hrbrmstr @borup There's always the mindblowing possibility of not using any of the cookies that require user consent.

@krazykitty @borup another silly assertion that every single website will just change how they operate b/c of some extremely poorly designed EU regulation.

@borup It's also good to remember that the EU still did nothing to stop this malpractice.

(I'd also argue again that the regulation is bad if malicious actors can abuse it while low-resource ones simply follow the path of least resistance because they lack the required understanding/skills)

#HillsToDieOn

@hrbrmstr @borup opt in

Longer answer: people seem to forget that you don't need user consent to set basic cookies needed for the basic operation of a website, because you're providing a service the user has requested (ie., render the content on this website please). You only need a cookie pop-up thing if your default is to set unrelated / marketing cookies. If you don't do that, then you don't need a consent banner and you can have an opt in somewhere for people who want to be tracked for some fucking reason. That's why websites that aren't designed by utter bastards don't have those daft pop-ups even if you access them in europe.

In other words the burden should only be on people who make shit websites that gobble up data for marketing. But as the op said, because of malicious compliance by piece of shit companies and marketers, it's shifted to being the user's problem. The regulations should be tightened to prevent this kind of bullshit behavior imo, not relaxed or removed as you seem to be (?) implying.

@hrbrmstr @krazykitty @borup I’ve seen a website regarding health just not allow itself to be displayed in the EU if you reject the cookies or something like that

@skye @hrbrmstr @krazykitty @borup heathline?

@borup
EU: "You have to ask for consent before tracking."
Companies: "Hey, you can't access our website before telling us if we can send information about you to these tens of companies (in fact we were doing it without ask… Wait, I mean, we value your privacy)."

@borup Luckily there's https://www.i-dont-care-about-cookies.eu/ so you can give zero fucks on cookies.

@OatPotato @borup To this day, many websites still don't ask for consent. Cookie banners are just cookies wall with only OK/Accept button

At best there's a hidden Refuse grey link/submenu, which is illegal, as refusing should by as easy as accepting.

While still
- place tracking cookies at 1st load before the banner is even loaded 🤡
- continue to use tracking after users have refused
- such banner often ignore non-cookie based trackers (hidden pixel, AT Internet/piano/google tracking scripts…)

@OatPotato @borup

Some even have a shitton of individually actionable on/off switches¹ for like 10 or more processing purposes + several hundreds of switches for "parteners", with no "Refuse all" button, and a big green "Accept all"…

The ones using IAB TCF form are the worst offenders…

1. Or they seem turned off but each and every PII processing purpose switch is doubled with a hidden and/or greyed out "legimate interest" although many purposes have nothing to do with "Legitimate interest".

@OatPotato @borup the Facebook comma. ‘We take your privacy, seriously’