Accept cookie banners with third-party cookies rejected (infosec.pub)

submitted 9 months ago by rinze@infosec.pub to c/privacy@lemmy.ml

12 comments fedilink hide all child comments

Hi,

In Spain (and probably other places in Europe) we've recently seen a deluge of cookie banners that offer you the option to reject tracking cookies for a fee. The regular GDPR forms are therefore slightly broken, as you get several options: accept, reject (which doesn't work in most cases), and buy a subscription to reject. Consent-O-Matic, for example, is having a hard time. I don't doubt it'll get corrected in time, but I want to talk about something tangential.

Cookie consent has (at least) two layers: the browser layer (where we might delete cookies, reject third party cookies, etc) and the site UI layer (where we're presented with an option when we load the page). This means we can reject third-party cookies at the browser layer and then accept whatever form at the site UI layer.

With the set up mentioned above, is there really any difference between accepting cookies and rejecting cookies? No tracking cookie are going to get installed in my computer anyway. This, combined with an ad blocker, makes the browsing experience exactly the same whether I accept or reject the cookie form. Is there anything I'm missing here?

you are viewing a single comment's thread
view the rest of the comments

[-] Engywuck@lemm.ee 9 points 9 months ago* (last edited 9 months ago)

Interesting question. IMHO you're right: if you reject 3rd party cookies at browser level, so "accepting" them from the GDPR form shouldn't really matter. Plus, many browsers nowadays forbid 3rd party websites to access cookies from other websites (in my understanding)...

I'd like someone with a more deep knowledge to contribute to the discussion.

[-] Atemu@lemmy.ml 2 points 9 months ago* (last edited 9 months ago)

Cookie banners are not really about cookies.

What they're actually asking for is consent to process your data for profit in unethical ways. That usually involves cookies but could theoretically be done entirely without. They're just a technological standard.

You might aswell say: "We use https. [consent] [settings]"

this post was submitted on 14 Jan 2024

51 points (100.0% liked)

Privacy

31665 readers

593 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS