alt Hacker NewsMost websites don't need cookie consent banners
Comments
I wonder how many people provide consent through these banners. Is it frequent enough to be worth the terrible user experience?
I know some sites use dark patterns in their cookie banners, which I consider to be a helpful hint that the company doesn't respect the users.
“You DO need consent for: Third-party tracking cookies like Google Analytics, Facebook Pixel“ Since most websites use GA then yes most need the banners. You could say most sites don’t need GA but that’s a different argument.
wouldn't be so sure about that in Germany, even if technically and legally true. i've heard too many times about spamigation cases where shysters send mass cease and desist letters. even if those are complete bullshit and without substance you're well advised to respond and competent at that - which means you'll have to invest in a lawyer ... yadda yadda.
I think if you are using Google adsense, u have to show this annoying thing to all your visitors...
Disclaimer: I work on a consent product.
If you're in any way something beyond a hobbyist, you should probably get legal advice about whether you need to get affirmative or implicit consent, whether you need to handle universal opt-out signals (in California, Global Privacy Control signals are now legally required to be respected), etc.
Simply saying "oh I'm only tracking local cookies" might not even be enough in GDPR because the act of writing any cookie is actually covered under the law (because you're storing something on the user's computer). You're required to disclose that these cookies are in use.
And a proper consent banner will immediately handle your GPC signal, and generally not show you anything (California now requires a visual notification that your preference has been respected).
I understand what the author is actually saying: you can design sites that don't require the tracking tools requiring consent. And yes, while true at a certain (small) scale, when you have hundreds of millions or billions of page loads per month, and several development teams, a partnership group, and a lot of moving parts, you'll forgive me for thinking this is impractical.
Consent banners don't have to be awful, I promise.
Correction: none of them do. The Biggest misunderstanding in how tech works by the EU ruined usability for eternity.
Cookie consent banners make me immediately think if I should just leave the site and not care about the content.
The way not to need cookie consent banners is to not do analytics tracking in the first place.
"Advertising or behavioral tracking cookies"
Any real business needs to do behavioral tracking for campaign conversions, add-to-cart, customer acquisition, funneling, retention, personalization, etc.
I love how we all hate cookie banners and say they are unnecessary, but are salaries are all paid by apps that do behavioral tracking.
Only hobby blogs can get by without it.
Unfortunately culprit may the privacy laws, irrespective of their good intentions, precisely because the 'banner' does not materially do anything but create an arbitrary annoyance.
It's not a better experience, it's a worse experience, because users will click on 'whatever' and therefore the goal of the privacy laws are not met.
Given the current situation - things would be improved by merely providing users with a consistent way to check on cookie status aka with a 'privacy link' up top that always gives clear info about privacy - but with no popup.
Or - given the current situation - it may be more appropriate to be more assertive with privacy and not allow one-click opt-in because it's just too much?
The fact is, the popups are just bad - the don't accomplish what the are trying to accomplish and we need a more UX friendly way to regulate. Which could be lighter or more restricting, one way or another.
I think we should accept that certain kinds of tracking should be allowed by default for many cases. It don't think it's a violation of privacy for companies to map an individuals experience across their property, as long as user is anonymous, there are other checks etc. Sharing data between sites is completely another thing altogether.
I consider all those pop-ups to be illegal. The use case in my opinion does not warrant pissing off users by distracting them via such pop-ups. Here I classify slide-ins the same as pop-ups. I don't even read what is written there since I already don't care. I kind of have to use extensions to workaround this spam. The EU bureaucrats are very confused here - they cost a lot of money and don't really improve much at all. Plus, when they hand over data to the USA from EU citizens, it already puts them at logical odds - either you are consistent in what you do, or you simply shouldn't act in an orthogonal manner that degrades the user experience via laws. That's just nonsensical.
"You DON’T need consent for: First-party cookies used just for your own analytics (in most cases)"
They claim that, but the page they link to as the source says "You must...Receive users’ consent before you use any cookies except strictly necessary cookies.". So what exactly makes them think that first-party analytics cookies are "strictly necessary"? The Mastodon link in the at the start of page doesn't seem to work.