I am in my mid forties, been working as a professional software developer for over 20 years.

I click “accept the cookies” almost every time. I just personally don’t feel it’s worth the effort and cost to try to avoid it.

What “dark pattern cookie trick” are you worried about? I just can’t come up with a scenario where it will actually harm me in any way. All the examples I have heard are either completely implausible, don’t actually seem that bad to me, or are things that are trivially easy to do even without any cookies.

Now, I am not going around giving my real email out to random sites, though, although even that doesn’t strike me as particularly dangerous. I already get infinite spam, and I am sure there are millions of other ways to get my email address… it is supposed to be something you give out, after all.

I just don’t think it is something that is worth stressing out about and fighting against. Maybe I am actually naive, but I just have not yet been convinced I should actually care.

> It is the young people that are growing up conditioned to press accept

It's really alarming, actually. I run the cyber security training & phishing simulations at my work, and it's the younger employees that struggle the most. It's like they just assume that everything on the web is trustworthy.

It's not hard to see why though. They grew up with app stores & locked down devices. No concept of a file or file system, no concept of software outside of the curated store & webapps. People that never had to take responsibility for their own digital safety because "someone else" (Google, Apple) always did it for them.

It's not just cookies, it's explicit consent to track you, and sell your browsing history to ~1500 spy companies around the world.

To the sibling comments: don't "accept the cookies" and then delete them.

- - -

I'm super angry at what the web has become, especially at the OS browser community. There is 0 browser (that I know of) that can access the web safely and conveniently. Atm I use Firefox with uBlock which blocks the cookie banners, but Firefox's extension model is broken, and every single extension provides 100% access to my websites to whoever controls the extension. I don't like it.

We need a browser with a safe extension model.

- - -

edit: I guess using 2 Firefox profiles, one with uBlock and one with my google/facebook/bank/amazon/etc accounts solves the threat posed by uBlock and extensions. I still don't like it.

I remember when it first became widely known that the government could see your library checkouts. People protested. It was a big deal in my tiny town.

I don't even think it would be even a blip on the radar now.

It really is depressing how much ground we've given.

I use Cookie AutoDelete on Firefox and it's great. It works with Firefox Container Tabs (groups have their own cookie settings), and let's you greylist (allow cookies from a particular domain pattern until the tab is closed) or whitelist (always allow from the domain pattern). I set it up for my kids computers also. The default is to blacklist (cookies aren't set), and I can whitelist for particular sites where they need say persistent login.

Definitely in 2026 kids should be getting tons of education in public school about how to safely browse the internet, both for personal data privacy and for safety against stalking, doxxing, grooming etc in the same way millenials were grilled about source checking internet resources like Wikipedia.

>Siting there I realized, we were not the real target.

That is wrong. You definitely ARE the target too - perhaps not the primary one but you are part of the cohesive whole. Why would you think that Facebook sniffs for offline data about which doctors people visit? These are not accidents.

People around me (including engineers) all casually use things like Alexa, Google Home, Ring, Nest, Chrome, are always signed into Google, have all sorts of apps installed on their phones, and have no problems giving up their phone numbers to services for verification. It's crazy.

Most doesn't event know what cookies too. In fact, most doesn't put extra thought into the things they are clicking/accepting on web.

Because of this, I found it odd that the regulation allows displaying the accept cookies button. Instead, it should be rejecting cookies by default and a separate flow to accept tracking cookies (e.g. via account settings page)

I do this, more or less, although I am a bit older. It's not as if I enter my real name, address, or email at every opportunity, but there is really no perceptible feedback loop that would force one to contemplate the consequences. I visit my local news site and the first thing I see is a massive cookie banner which lists over a thousand third-party vendors and asks me to either "Accept all", or if I am being prudent, click adjacent button called "Choose" to go to another page, then manually untick dozens of tracker categories, and then click "Allow selection". Whatever I chose, it wouldn't have any tangible impact on my life. I simply do not care.

I'm over "middle aged" and just accept everything as well. Same with email - who cares who has it when we have adequate filtering in this year of our lord. I've never had anything negative come of it, and I'll be surprised if anything ever does. Seems like a lot to worry about for nothing.

Accept the cookies and flush them out every time you close the browser. I think it would be naive anyway to assume that clicking no on a cookie banner would achieve much for your privacy.

Accepting cookies vs. entering personal information are very different buckets for me.

I just click "Accept all" on every cookie banner, life it too short to figure out which checkboxes and dark patterns I have to avoid on each site to not hand over some data...that is than later on just tracked in the backend ("server to server tracking"). Or sold by my credit card company, or tracked by me hovering over some video on YouTube. With the amount of data available unselecting some check boxes on a website just doesn't make a difference.

My inclination is to simply close the window as soon as there's a popup of any sort. If someone did that to you in public you would be within your right to punch them in their face as an act of self defense.

There is a third path, Firefox focus.

Accept everything, the end the session.

That said even with throwaway relay emails I don't sign up to much

I doubt the average person even reads those. They are just "the thing you must click to get on with things". How many of those does a person even see in a day across all software and websites wanting to pop up with some garbage you do not care about?

> It is the young people that are growing up conditioned to press accept

There is a similar story with Ford and how they build pavement everywhere and taught the young population that roads are for cars. Now we have to drive for 10 minutes to get from one shop on the plaza to another shop on the different plaza.

> the young people that are growing up conditioned to

How does the conditioning start?

> not value their personal data

Okay, but in practice how much do they do with it that isn't ad placements?

I use chrome as “burn” browser (i only use it for non important things) and I have a dummy email that I use for signing up in everything non important as well. Perhaps this young adult was doing the same?

I saw some research awhile ago that 60% of the time, "reject cookies" is ignored.

That all random game and messaging sites now wants my kids' passport uploaded to some random 'id verification company' is madness.

But now instead, my 11 year old's Roblox thinks she is 18 because she wore glasses in their age verification webcam tool. And it can't be changed unless she uploads a passport, which I will never allow.

Please, gov.uk introduce a gov ID verification service? I could trust that, -ish, I have worked with public sector clients several times...

Most doesn't event know what cookies too. In fact, most doesn't put extra thought into the things they are clicking/accepting on web.

I prefer to have a rule in ublock that blocks all cookies notices

Are those young people really doing the wrong thing by accepting? They are getting on and solving their problem, they have probably never had any personal harm done by "some weird dark-pattern cookie trickery".

It's almost like forcing (almost) every website to add these cookie banners has desensitised people to what they're actually saying.

I would go into source, delete the overlay, undo the scroll lock

Have you noticed half the internet doesn’t work if you use a vpn? Even a good vpn? Even HN wont let you create an account with a vpn. The friction applied to preventing people from deploying privacy tactics is intense. I’m not sure how we can practically resist the privacy enshittification without abandoning the internet and its convenience entirely. I’m ready to go back to paper statements and visiting my bank and writing paper checks, but I don’t think GenZ is.

Does it even actually matter what you do? How many lawsuits/investigations have there been in the last decade revealing that some company or another that swore up and down was following privacy laws, protecting your data, and not selling it actually were. I'm at the point where I figure anyone who wants to track me is, and any privacy pop-ups or the like are just for show.

Bingo

It's not just young people. I think the above represents 98% of the people out there.

We've collectively long ago crossed over from privacy to convenience, and there's no going back. You and some of us here on HN (myself included) are the outliers.

People are getting brainwashed into giving away information on the web and real life.

In the US it's not rare to link accounts through phone numbers that are required in web forms and store memberships.

In Chile they started asking for your National Id with so many stupid pretexts that people got conditioned into just giving it away. It wasn't like this 10yrs ago. I'd rather have membership numbers.

It's technically public information, so collecting Ids is legal, but it's also a universal primary key within the country that allows merging any user-related table you run into.

Retail says it's just to associate it with receipts in case you need that later, but I'd rather just get a photo of the printed receipt for later than rely on them to find my receipt. Supermarkets, Drug stores, and petrol stations tie it to (possible) discounts or points at check-out, which is price discrimination and it's illegal, but we are in our way to get surge pricing as soon as the new US bootlicker president begins his period next week.

I'm pretty old and was the same as you for about five years, but now I just tick anything, much like the young adults. If they want my info, they can have it. I've not heard a convincing explanation why I, personally, should care

It's been done for about a generation or two, and that's what people don't seem to realize.

In the early aughts I was sitting in on privacy discussions that reluctantly acknowledged that regardless of what we do online, surveys showed you could offer someone at the mall a free Snickers and they'd fill out the whole form.

The perceived cost to the individual of divulging their personal data is near zero; dangling nearly any incentive in front of them will induce them to let it go. And that's not a new phenomenon.

Breaches will inevitably happen. And each time one does, it'll erode people's trust in this new world of zero-anonymity-allowed. Give it time.

You're still relying on sites fulfilling what they promise in a world where facebook has been blatantly violating gdpr from day one and enforcement just isn't happening

Set your browser to block 3rd party cookies, add privacy badger and ublock origin. It will have more effect than clicking "reject"

I click "don't send me mail" every time I buy something. Every place I buy from still sends me spam at some point. There are no negative repercussions for them beyond whatever infinitessimal thing me clicking the "report as spam" button does

You know you can clear your cookies right?

The fact that you think declining the cookies gets you privacy is the real grift. The fact that you think you're safe from tracking because of a cookie banner

The cookie dialog was a mistake -- this is something that should've been handled as a browser API. A standard dialog of "do you consent to cookies yes/no/functional-only" should be part of the HTTP headers.

Same thing with age verification. My kids all have devices that are managed through parental systems like Google Family Link and Microsoft Family Safety. It would be straightforward to have a header for "user is an adult" or not, and to have a standard API for "this site is requesting metadata that you haven't said to automatically make available without permission. Do you want to send it? Y/N [ ]checkbox use this for all sites.

The only time we should even be talking about full identity verification is on user-submitted content, and even then that should be up to the site (with the commensurate legal liability of hosting anonymous slop).

"they"... sadly indeed the damage is done, but not by "them".

I've been saying this for years. GDPR and Cookie Law were created for big corporations to legitimise data trade where before it was grey area. Now they get consent as people blindly click accept and they can make money. It was never about privacy.

i've caught a lot of heat in the UK where i live for my position on GDPR, which is that i completely reject it, because people seem to believe it's there to protect any rights

if there's anything remotely good with GDPR is the requirement to companies to disclose known data breaches

all the rest of it is a terrible idea and only serves to nag people and legitimise the darkest of patterns

the regulation should be there to disallow companies from asking certain information, everything else regarding tracking is self-defeating as it's 1) seldom enforceable 2) hardly binding in any meaningful way 3) pushing people to concentrate their services where they have already surrendered their data 4) legitimising of dark patterns

this new and blatant step towards digital id is a hill i intend to die on, I will not comply and I will do everything in my power so that others don't have to and are even punished for doing so

Again the HN bubble, I assure that the vast majority of adults of any age are not privacy conscious.