This. The internet has literally become unusable for me without ublock origin. If Google makes good on their threat of disabling adblockers, I'll ditch Chrome immediately. I was a lifelong Firefox user until a few years ago, when I just had to admit that Chrome was significantly better. But without ublock, any advantage it has becomes meaningless.
Better start installing Firefox then. They already removed Ublock Origin from the extension site so you can’t install on new systems anymore. (There’s probably some hoops you can jump through to install it, but the writing is on the wall)
"Tech bros" and so-called "tech" companies peddling surveillance websites that they call "platforms" would like the public to believe the web is "the internet". This of course is not true.
It's a purely web-centric, and "web browser"-centric, perspective that denies fact: the internet is more than the www.
A tech bro 100% focused on "web apps" and other garbage might claim that anyone citing the fact that "the internet" is more than the web is "a twisted form of pedantism". After all, the web is where the majority of online advertising is found. This is the tech bro "business model" and web-centrism is therefore vigorously defended.
Fortunately the rest of the internet beyond the web (as accessed through popular web browsers that deliver online advertising) is usable without uBlock Origin, although controlling DNS is often essential.
Big Tech with their online advertising "business model" may control "the web". And we can see that has resulted in a sewer of advertising. But the web is only one use of the internet amongst many, many others that are not used to deliver advertising.
Unfortunately many sites don't care about your consent either way. The cookie is saved before you get to click anything so blocking the banner blocks only the annoyance unless you go further than just blocking the banner.
Yes. In short, I start with a friendly email. If no response, I follow up with a formal, signed complaint. Then if no action, I report to our country's DPA.
In quite a few cases, the friendly email alone does the trick. Sometimes the premature cookies are indeed a bug, and get fixed quickly.
I recommend limiting the number of extension you have.
Each extensions is a possible attack vector, the author can get hacked and a malware pushed instead of the extension.
Thanks for sharing this! I've always wondered why the browsers themselves can't implement this type of feature to improve the web. I assume it's some legal factor.
For Chromium based browsers... why would the advertising based company make it any easier for users to opt out of advertising. The optimal resolution for Alphabet is users clicking "Accept All" and writing their member of the EU Parliament in frustration.
Well yeah, obviously? Why would anyone ever respect the "do not track" header? The whole point is to get people to click "accept all" out of fatigue or apathy!
Brave just disables the cookie banners (they don't even load), while this fills such forms if I understood correctly. Somehow I get very targeted ads in other apps after using Brave, so I tend to use firefox-based browsers for personal (i.e. any not work-related) stuff.
Thanks for sharing. By skimming through readme some stuff is still not clear to me:
- Can it be used for rejecting consent and not just consenting to everything?
- If so, do you maybe know what happens when it doesn't have a rule for rejecting consent on some site? It would be great if it just lets the pop-up pop up normally.
- How does it handle the "legitimate interest" checkboxes? I.e. can I make it uncheck them all on every site that provides them?
And what is the EU populace or government going to do about it?
Tracking should have been “opt in” and inferred from browser/device settings. I can see why big tech is dragging their ass to make the UX much better, but government should kick them into overdrive by demanding tracking/cookies be opt-in.
Companies should ultimately set up a system which incentivizes the tracking, rather than stealing it behind the scenes
I don't think so. The idea was the users care so much about privacy they will be grateful that they get informed about their options and get to choose not to be tracked... every 5 minutes.
EU already made it opt-in. This resulted in the current situation of malicious compliance. I don't think they'd ever force the way to implement it through device settings, since you may operate a device you don't own (and won't be able to change them).
Who would ever opt in from device settings if not given an incentive to do so? What would even be the point of providing such an "opt in" compared to just banning tracking entirely?
If you made tracking required in the device settings, you'd see the exact same pop-ups, they'd just give you a worse and worse user experience until you gave in and changed your device settings, or similar
The problem is that cookie law requires consent not just for tracking cookies, but for everything except "strictly necessary cookies".[1] This means that any cookie that stores preferences (preferred language, location for weather info, etc) requires a consent banner, as they are not considered strictly necessary. The EU law also classifies any analytics or performance cookies as not strictly necessary, meaning that if your frontend uses software like New Relic, Datadog, or Splunk, you also need a cookie banner.
I just traveled to Europe for the first time. I was already tired of the cookie banners being a U.S. citizen, but I didn't even think about how many I don't see due to localization. All of the sites where I don't usually experience the banner with were now showing them to me. In some cases, it's a full page of text that I have to dismiss before I can see anything.
I am not necessarily commenting on the philosophy behind the banner, but I now have a much fuller understanding of how disruptive they are.
Imagine how awesome and accessible those sites would be if they didn't feel the need to ask for massive tracking cookies. I'm in Spain at the moment and most of the government run service sites don't have this issue and the lack of such a banner warms my heart with the knowledge that my activity isn't being needlessly tracked.
To clarify for those who don't know: If your website uses cookies for storing the products a customer added to their shopping cart or similar "legitimate interest" purposes, they don't need to display a cookie banner.
The law demands them to ask for informed consent only if they want to collect more than that technically necessary data. If that consent isn't given voluntarily it isn't consent. If the choise is "Yes" and a puzzle-maze of a thousand flavors of "No" it isn't informed consent. If the cookies exist before asking they haven't been consentual, etc.
If websites cared about users they just honored the Do Not Track setting
You haven't seen the non detachable bottle caps yet. The ones on yoghurt are the most annoying. But if it saves the whales I will have to accept them without spilling by beverage on EU MPs.
At least you're accepting them. Half my FB feed was complaining about them as if they were the worst thing to be foist upon them and I sarcastically posted about how people want the world's problems to be fixed and the environment to be saved, but won't for a microsecond accept any actual solution that might involve them to do some work - cue classic Dilbert moment
They should really complain about plastic food packaging instead. Non detachable bottle caps are just an attempt to start somehere and hopefully discourage usage. I'm sure there are other ways to attach a bottle cap without annoying the crap out of consumers, but the industry chose the cheapest solution and now everybody blames the EU, just like in the case of cookie banners.
I’ve lived in Australia and that was the best time of my life. Not only this, also they have water bottles with a cap that you can separate, they provide bags at the grocery store, and if you want to heat the offices to 19°C in winter, it’s allowed.
I’m told my data is protected in the EU, but of I don’t click Approve on the cookie banner, the newspaper tells me “You must either subscribe to our newsletter or approve cookies”, and the receipe website adds “We fund our cranky website full of undesired videos and where we hide our ingredient list under a “See more…” to get beyond the 3-ingredient limit, with ads, so you must allow cookies.”
If the EU could make itself useful, that would be now.
Not anymore. I mean, you can pay for them now, but you don't get them by default.
> You must either subscribe to our newsletter or approve cookies
That's not legal... or at least some versions it are not. You can report them or try contacting https://noyb.eu/ in case they're interested. But now you know how you actually pay for that website.
> If the EU could make itself useful, that would be now.
They literally created laws which make this behaviour illegal. (Again, some versions anyway) Now it's up to enforcement, but that's country-local not something EU as an organisation can do.
So instead of blaming the websites that do this and require you to disable the cookies for their 2000 tracking partners, let's blame the EU. The only thing I can blame EU in this manner is that they don't enforce that the websites should respect DNT or something similar. Also, there are plugins to remove the popups, it's not really that big of a deal.
Yes, I wanted legislation that requires companies to ask for consent before abusing my personal information. I still want it.
In the same vein, I want legislation that prohibits drunk driving and I don't get upset with the number of hours it takes to administer sobriety tests.
Why not simply ban it then? Why the song and dance with "consent forms" when it's well understood that most people will just click "OK" to get the popup out of their face and get on with what they wanted to do?
it's ironic when you point out dupes, even though there's often an earlier comment with a link to the dupe. you don't even think to check for dupes while playing dupe police in your obsessive mania
Cookie banners are just one more reason why it's so painful to use the web. They are nothing but required pop-ups! Making it painful to visit sites hurts the internet ecosystem. Might as well stay in walled-gardens, where ads are occasional, but less intrusive.
It's not the popup that is required, it is crappy websites that prefers to do the popups in the most annoying way to force you to accept you wouldn't want to.
Somehow we can at thanks to Europe, so that sites and app that do things well have a clear competitive advantage.
What we can be annoying is Europe not doing much to sanction abused. Like these assholes of trustarc and co that block in "processing" for 2 minutes when you refuse cookies. They pretend that it is the time to make a request to tell all the providers to not track you. But by definition if you don't want to be track there is no request they can do to tell to not keep info that they are not supposed to receive.
They aren't required at all, just don't use any tracking cookies. Cookies that are useful to the user generally don't require the banner, and many analytics tools now have the option to work without cookies (at the cost of not tracking repeat visitors).
Annoying your users with cookie popups is the price sites pay for using invasive tracking. The only miscalculation is that apparently everyone is fine paying that price
That’s always been the argument, but in the end, everyone wants to know how many visitors they have. I know, there are trackless solutions, but you have to admit the reality: The audience of website administrators who want to use non-tracking analytics is a subset of the audience for recompilation of kernels on Arch Linux.
Also I’m quite sure your website is not ranked as high on Google if you don’t use GA.
HN seems pretty in love with plausible.io every time it's mentioned. It's pretty minimalist, but we never had an issue with it not tracking something we actually cared about.
The real issue is ad tracking. If you either show ads or buy ads that lead to your website you are basically forced to add tracking cookies.
You need 0 personal information to track visitors, and even if you needed it at collect time you wouldn't store any of it if your only purpose is to count visitors
> everyone wants to know how many visitors they have
Actually we already know that if you want to know how many visitors you have, GA will strongly underestimate, especially with tech literate audience. You may want the log parsing instead.
Even if you want the JS-based solution, you can do it first party, without the need for GA.
> I’m quite sure your website is not ranked as high on Google if you don’t use GA.
Sure enough to quote a source? There lots of high ranking pages, using non-GA solutions.
This is a common misunderstanding. Cookie banners are not required. It is your[0] active choice to invade your website visitor's privacy which leads to this degradation of usability. Stop with the cookie nonsense and you don't need a cookie banner.
[0] Royal you, speaking to a significant fraction of the HN audience.
Cookie popups are not required, it is just how companies who were already on course of shitifying the internet decide to implement consent required by EU laws.
One out of three videos on Youtube short, several per video on Youtube, Facebook and X sponsored post are hidden within the timeline. That's not even talking about how much ads is outside those walled-gardens, for instance searching for something where SEO is heavily gamed like cooking recipes ends up returning websites where half the page is ads or sponsored content. I typed "buy pc" on Google and the first 4 results are paid ads labelled Sponsored, the first organic result is outside my screen. How are they not intrusive on walled-gardens?
Those cookie banners are not mandatory, functional mandatory cookies do not require consent.
> And it’s only a referral blogpost. Is it even worth fighting? What have we won by attempting this fight? The Internet is unusable today.
Actually for me it offered ldlc.com which is a fairly good result. With an ad-blocker, it's the first result. Is it worth fighting? If the alternative is a web that is unusable today, yes. Will it prevent the enshittifiction of the web in the long term? Probably not.
They aren't required, though; they are a signal that the site you are visiting would rather utilize tracking cookies than provide a good UX. They could simply not use tracking cookies and then they wouldn't need to provide a pop-up!
You think that's bad then imagine how much GDPR compliance costs...
As a European who works in tech and has implemented many cookie banners, I am broadly in favour of GDPR, but I think we need to take a more reasonable approach with smaller companies because it's a huge overhead if you're trying to build a product and you've only got 2-3 technical people on a team.
I also think the type of data held is important. I'm much more concerned about companies which hold significant amounts of sensitive data about me, especially when that data was collected via my behaviour and activity rather than collected from me in a form. I have no problem with a local recruiter keeping my CV and phone number on hand to contact me if a job matches my profile, but a local recruiter and Google are treated the same under GDPR.
> You think that's bad then imagine how much GDPR compliance costs...
Yeah and wait until you know how much medical regulation cost, and food regulations, and pollution regulations. We should just allow these megacorps to do whatever the fuck they want we would make so much more money!
> Europeans spend 575 million hours clicking on cookie banners a year.
According to a new piece of analysis at least.
The research piece also claims that clicking on cookie banners costs around 14.375 billion Euros in lost productivity.
Is privacy worth the price?
is privacy worth the price? really? that’s your big takeaway from this? what a shitty substack tweet
Indeed, what a shitty take in this day and age.
However it raises in me a very interesting point, if privacy was default, it would increase productivity.
As someone with ADHD I can't understate how disruptive advertising is to my workflow and peace of mind. When I first started using spotify in the free-tier those occasional ads would completely derail my focus - ditto, with youtube, mid-video advertisements often lead to me just closing the tab and moving on to a different activity.
Is there a good explanation why didn't gdpr "make websites obey do-not-track" (or a similar set of rules/whitelist/blacklist that can easily be set once in a browser) instead of prompting for manual consent every time? I never see it when a discussion like this arises
Related Analysis of economic and productivity losses caused by cookie banners in Europe (330 points, 3 days ago, 380 comments) https://news.ycombinator.com/item?id=42141843