They tried

MDFL@programming.dev to Programmer Humor@programming.dev – 1091 points –

EDIT: I didn't realize the anger this would bring out of people. It was supposed to be a funny meme based on recent real-life situations I've encountered, not an attack on the EU.

I appreciate the effort of the EU cookie laws. The practice of them just doesn't live up to the theory of the law. Shady companies are always going to find a way to be shady.

164

Any website that does that I just close the tab.

You should travel to Europe sometime and try to use the web

Yeah, it is great here.

Either the website is great and doesn't ask anything.

Or it asks for cookie consent, which you can decline in 1 click.

Or it pulls one of those "break the website" tricks which will get them sued sooner or later.

Or they block access to EU members, at which point you know they only exist to extract your data anyway.

I think it would be a worthwhile research project to find out how many users just click through these, accepting what the website wants you to accept by default. It effectively operates like a EULA for every single website, which produces overall fatigue and lack of care. When you've visited 20 sites in one day, you just start being irritated by having to constantly make a decision before you can view any content, and just mash whatever button you need to proceed.

I also live in Europe and almost all websites display a dialog that asks you to choose cookie preferences. However, it seems that some few websites, mostly german (spiegel.de, gutefrage) that give you the opetion to browse with ads and cookies or pay. I do not use those websites and I imagine it is not legal.

I'm working hard to make sure all websites do that.

You will be internet free in 5 years. Yes, I wear a cape

Display name does not check out as a matter of fact

No you see he has grass growing in his keyboard so he can touch grass without going outside

We will all touch grass

Are you... the hero or villain. I don't even know anymore

They're anti-anti >!(like anti-hero or anti-villain)!<, their goals transcend understanding

I think we should ban trolls like this on sight.

I propose we ban /u/Touching_Grass

Than I will go without internet. I'm over 40 I know how life was like before internet. I'll be that crazy old man in someone's neighborhood. So kindly please accept my GO FUCK YOURSELF award for your efforts.

I refuse to go to sites that do this, I also refuse to go to sites that block adblock...and specially the sites that detect and block private browsing, that one shouldn't even be a thing

Sites that block adblock - I have network based filtering I'm not going to take the time to specifically figure out what ad providers you're using (which is probably that same as everyone else) just to unblock your shitty site.

LOL, I also use DNS based filtering soooo I feel your pain.

Hilariously, I find the Pi-hole feature "disable for 5 seconds" often works because it'll be down for long enough to load the page but not the ads.

I don't use pihole...didn't know that was a thing...still don't plan on using pihole but that's cool

The fun part is that websites that do this are illegal in the EU

They need to start flexing that 4% revenue / year fines

I hope one day they just start fining everyone doing it all at once

And i hope they start using that sizing thing at airports to keep people from carrying on their massive samsonite tuba-sized suitcases and jamming them into the entirety of the overhead storage.

But we can't always get what we want.

I don't use adblock, and yet i keep getting "disable adblock to view this" messages, fuck this shit

Most browsers block some ads by default as well as some other privacy protections nowadays. I'm guessing whatever sites you're hitting have advertisers so scummy they're blocked by default

Might be, might be

I'm using Firefox and might've set a couple of the privacy settings "too high", haven't checked those in forever

Why the fuck would they prevent private browsing? I use that a lot to be sure the session is closed correctly.

There's lots of newspaper sites in the US, that do this. They'll be like "wanna use private browsing, make an account, or go visit from normal browsing." Idk why they do it but they do. Apparently there are discrepancies in the way browsers handle persistent storage features between private and non-private browsing that allow for detection

I'd guess they just want to keep track of what you read and how many articles. You still can wipe that information from your browser but private browsing makes it more convenient so they ban it

Cause they can't track your browser history that way.

I'm pretty sure breaking your website with no cookies is against the rules, actually. It's either serve the EU with GDPR-compliance or GTFO entirely.

Yeah, you could still just break the law, but as usual there's a cost to that one way or the other.

this. and honestly I wish more websites followed the "serve under gdpr or don't have a European marker". A random blog once wasn't available in the EU because of GDPR. And you know what? It's better than them violating GDPR and the EU doing nothing.

Tons of companies break the cookie law already, but enforcement seems to be rare

Doesn't enforcement work by letting competitors sue you if you don't follow the rules for these things?

What's the cookie law?

If websites want to track you through cookies, they have to ask for permission.

The cookie consent banner has to allow you to opt out of cookies as easily as accepting them

Almoat true, it actually has to be a opt in system, opt out is illegal already!

Yeah, I think it has to default to off but I believe the banner they show shouldn't make it harder to continue with it being off rather than turning it on

I've heard stories about some of the big guys getting hit with sizable GDPR fines. I don't really know the full extent of what they do but I do imagine there's someone that makes it their job to prosecute GDPR violations.

It's more about the big boys. If they act in a way that breaks the GDPR, now the EU has a stick to hit them with.

Your meme is funny, but people genuinely use these arguments to be against sensible EU laws, hence the response I imagine.

Yeah being unable to open… checks notes local news websites from the US has been a real deal breaker

Sometimes its relieving when you go to do something and you find out that you have already finished, lol.

I have run into this recently on several non-US, non-news sites. I have actually never run into it on US local news sites, so I don't know what you're on about.

In my experience it seems to be medical websites and recipe websites

Frankly I wish I could fit more US politics into my life, so it's been hard, I tells ya.

That's gotta be quite some website you visited, if it didn't load at all without cookies. As someone from Germany, who mostly rejects every sites cookies, except for the essential ones most of the time, but sometimes outright rejects all cookies, I've never encountered a website that refused to load upon doing that.

Not defending any webpages that do do that, just contributing my personal experience.

Also: this for chrome or this for fiefrerfx

Makes sense, I don't use any of them, at all. I'm pretty sure there's a place where you can report such webpages for doing that though, though I don't know where at the moment.

Edit: possibly this one

Netzpolitik.de checked Germany's top 100 sites. Not many offer a single click rejection of cookies. Many of them only offer a paid 'pure abo' to disable tracking.

https://datawrapper.dwcdn.net/9GFZM/8/ (German)

Yea, we have the same issue in Austria but technically that's illegal behaviour and you should be able to report it somewhere!

Don't know if it's me or what, but I clicked on the first link and when it opened in my mobile browser, everything started shaking vertically like the page was suffering an earthquake. I'll definitely have to look into that because I've never seen it happen before on any website like it.

some other just block access from the eu completely. (not a news site, but applebee's does this)

It's rare to see (probably since someone pointed out it doesn't conform to GDPR standards), but I ran into a batch of them in short order recently, so it's been on my mind.

I exit in the EU a lot. Same, they mostly work fine with no cookies. It's much more common to see one that just doesn't let EU residents in.

That's fine. People who don't care about cookies will accept them anyway and those who do care about cookies will know not to visit that site anymore.

I feel like people would have responded to this meme better if you didn't depict the European Union as an NPC

They're the ones who made the law. Who else should have been in the meme?

People complaining about the cookie law don't understand the issue.

The law doesn't state that websites have to show a cookie banner. It states that if a website wants to track you with cookies, they have to ask permission.

You can get websites (like lemmy and wikipedia) that don't ask for cookies, because none of them try to track you.

So if a websites demands cookies or they don't allow access, it is a clear sign that the website only cares about your visit if they can invade your privacy for profit.

Meaning it will just be a dumb clickbait website with no decent content anyway, that you should just skip.

The businesses who are actually doing this shit and not the people actually trying to solve issues in the world lmfao.

Oh boo I can't visit American propaganda websites what a loss to my European life style

I have run into this recently on several non-US, non-news sites. Your comment is propaganda.

propaganda

I do not think that word means what you think it means.

I absolutely do. Spreading the idea that news sites are all propaganda and the only entities involved in this kind of practice is, in itself, propaganda.

I think they were referring only to American news websites.

You're right. I wasn't clear in my comment. Saying all US-news sites are propaganda is propaganda. I'm not sure how that changes anything.

They didn't say that either. Where do you get this idea from that they're talking about (all) US news sites?

They said "American propaganda websites". That may include some news sites. It may also not include some news sites.

The most you could infer from their statement is that only American propaganda websites violate the GDPR.

Of course websites exist that violate the GDPR and are not American propaganda websites.

But the vast majority of websites commiting severe violations of the GDPR that an average European encounters will be American propaganda websites.

(Believe it or not, Europeans don't often visit websites written in Russian or Chinese.)

It's a lost cause, the EU circlejerk is too strong, as clearly everything is a utopia over there with nothing wrong.

GDPR is a good idea, but still very flawed in practice which they really don't like to admit anything wrong for some reason.

It's a synonym for socialism and it means everything that i don't like

2 more...
2 more...
2 more...

Serious question: I know that there are tracking cookies and the user should be able to decline those,but most sites have an auth cookie that stores you're credentials. The devs can store it in a different place like local storage but thats really unsecured.what can the devs do in this situation when the user decline all cookies?

The eu rules are mostly about unnecessary cookies. Most web devs just copied whatever everyone else was doing and now there's this standard of having to accept cookies but the EU doesn't really enforce it like that

it's not up to the EU to enforce it.

not sure why you're downvoted. of course member states enforce it.

Usually the prompts are specifically for tracking cookies, not essential ones for login. Alternatives without cookies:

  • URL sessions
  • Tokens
  • OAuth/OIDC third party
  • Local/Session Storage (ditto - mind the risks)

The GDPR is not "cookie law", it only prohibits tracking users in a way not essential to the operation of the site using locally stored identifiers (cookies, local storage, indexed DB...)

Storing a cookie to track login sessions, or color scheme preference does not require asking the user or allowing them to decline.

4 more...

I generally agree with the statment under that image and it's certainly a funny meme but also Illegal, sadly the enforcment is a joke but that's not really the laws fault!

That's literally the point though...

No? If a website refuses to load because you refused tracking cookies, it’s still illegal under GDPR

Nearly all of these are illegal, but sadly there is little enforcement when it comes to this. (Tracking must be opt-in, not opt-out. Ignoring a banner must be interpreted as declining. Opting out must be a simple option, not navigating a complex and misleading menus. The users choice applies to any form of tracking, not just cookies...)

The second that popup about cookies shows up I immediately backout and not use the site.

That's like every site. How do you use the internet at all?

If you really don't want to bother, you can use the consent-o-matic addon for Firefox that automatically declines every cookie possible.

It's becoming a lot easier to use the internet a lot less. It's been turned into such a user-hostile space so domineered by corporations and fascists that most of the internet doesn't really hold much of an appeal anymore, at least for me.

If the internet died tomorrow and didn't come back, I'd be annoyed about not being able to use it to order food, manage my bank account, or watch shows/movies, but the world would likely be an overall better place once logistics re-adapted to not having it.

The internet was cool for the first 10-15 years, but it's been a rapidly worsening cesspit for a long time. Nothing the internet can offer us is worth also tolerating it as a tool for inescapable government and corporate surveillance, and as the most effective imagineable breeding ground for fascism and disinformation.

The internet makes our lives worse in so many more ways than it imporves them, and people are too fucking addicted to it to give a shit.

I don't give a shit about cookies my browser just cleans after me and next time i open it everything is like new.

Road to hell, good intentions and all that. Government fundamentally misunderstanding the role of cookies and the fact that browsers can handle user privacy with trivial effort by default rather than having every single website annoy the fuck out of you with a million goddamn notifications before actually showing you what you want to see.

The annoying popups are an act of malicious compliance from data harvesting companies. The tracking industry wants people to associate the right to privacy with stupid annoyance, so that people will stop demanding privacy.

The legislation does not say anything about cookies. It's about rights and responsibilities in data collection (no matter how it's done technically). The "consent" part of it exists as a compromise, because there has been heavy lobbying against the legislation.

This is not a technical problem β€” we've had many technologies for it, and the industry has sabotaged all of them. There was the P3P spec in 2002! It has been implemented in IE that had 90%+ market share back then. And Google has been actively exploiting a loophole in IE's implementation to bypass it and have unlimited tracking. Google has paid fines for actively subverting Safari's early anti-tracking measures. Then browsers tried DNT spec as the simplest possible opt-out, and even that has been totally rejected by the data harvesting industry. There are easy technical solutions, but there are also literally trillions of dollars at stake, and ad companies will viciously sabotage all of it.

Like I care. I've got a plugin that automatically accepts all cookies, and another one that deletes cookies when I leave the page.

By accepting everything, you are also sending most of the time extra data to third parties. What you are doing is ill-advised if you care about privacy.

Not really. If you're using an adblocker, it's the best option. It's the path of least resistance, and tracking is blocked regardless if it's tracked it not. No server will see if you pressed accept or decline. That's why this addon exists.

How does that work though? The cookies are presumably based on things like your IP and browser metrics, which a site gets from your browser. If your browser throws away the cookies then on your next visit you aren't volunteering that you've been there before. But the site can still likely figure it out, but without the cookies it isn't as certain. With well-constructed cookies they can be almost 100% sure you're the same visitor.

Cookie consent is actually supposed to be about all data tracking.
There are quite a few analytics that do fingerprinting "because it's not a cookie, it's not covered by Cookie Consent". But it is still covered.
Some of them respect the fact that declining cookies is about declining tracking.

So, if you consent to all cookies, you are also consenting to any fingerprinting that doesn't rely on cookies. So deleting cookies wouldn't remove that fingerprinting data.

Gotcha, responsible site owners should not be tracking you if you decline cookies.

Wait doesn't it automatically deny them?

The "I still don't care about Cookies" extension does not, no.

This extension can do that: https://addons.mozilla.org/firefox/addon/consent-o-matic/

However, since many webpages have illegally made it so refusing consent is more difficult than giving 'consent', that extension is significantly more complex and in my experience doesn't work as reliably, unfortunately.

Is there any extension for android that can do that?

Well, you can install both of these add-ons via this workaround: https://blog.mozilla.org/addons/2020/09/29/expanded-extension-support-in-firefox-for-android-nightly/
(I have used both. Both work. Although, again, I'd rather recommend I Still Don't Care About Cookies + Cookie Auto-Delete.)

However, Mozilla plans to make much more extensions available for Android soon, so you might see these regularly available before the end of the year. This is what we know for now: https://blog.mozilla.org/addons/2023/08/10/prepare-your-firefox-desktop-extension-for-the-upcoming-android-release/

Yeah, sometimes websites have so many hidden checkboxes, that consent-o-matic has a rough time going through all of them. Takes like 10-20 seconds to disable them all at computerized speed.

Imagine doing it by hand, lol.

The above is wrong, the add on attempts to hide the prompt. It doesn't accept nor reject it.

I Still don't care about cookies? From its description:

In most cases, the add-on just blocks or hides cookie related pop-ups. When it's needed for the website to work properly, it will automatically accept the cookie policy for you (sometimes it will accept all and sometimes only necessary cookie categories, depending on what's easier to do).

So, yeah, doesn't accept everything, but might accept some.

Better to use consent-o-matic, which blocks all possible cookies instead of accepting them.

The websites still work perfectly anyway, it only preserves your privacy.