from Hacker News

“Accept All Cookies”, or Don’t

by andrewbaron on 8/26/22, 12:07 PM with 15 comments

Cookie popups ruined the web. Must we keep on like this?

  • by superchroma on 8/26/22, 12:31 PM

    Ignorant people and predatory ad vendors ruined the internet. It's positive that site owners are forced to disclose some of what they do, because otherwise people would pay it no mind and assume everything was all roses. If the EU can annoy Americans enough into enshrining some sort of consumer data privacy protections, maybe there'll have been a long term point to all this.

  • by beardyw on 8/26/22, 12:27 PM

    Focusing on cookies was a mistake. They should have insisted the Do Not Track header be respected.

  • by dalmo3 on 8/26/22, 12:30 PM

    I don't even bother rejecting cookies anymore, I reject the whole website altogether, bounce right off.

  • by notaspecialist on 8/31/22, 8:00 PM

    You don't need to have cookies on your website unless you need to reconnect the browser to a session where you're keeping their authorization etc. Unfortunately most people just want to run a website to do something and the easiest thing is to use WordPress or whatever the popular framework is, which has this cookie behavior built in because it "might" be needed.

    I browse with all cookies blocked, except on sites which I need to login with. This sometimes gives me a "enable cookies to use this website" message but I just move onto the next website in my search.

    To answer your question however, website owners need some analytics to know if their site is getting attention, what people click on, where they go. It really helps to improve the UX and reinforce the 3-click rule (your visitor should get to the page they want in 3 clicks). Perhaps if an analytics package was part of every framework, less efforts would be placed into using external companies which must monetize people. Just a thought.

  • by Mordisquitos on 8/26/22, 12:48 PM

    I not only reject all non-essential cookies and click on the "Object to all legitimate interests" button if available. I take it further when there is no "Object to all" button, which is most often the case when there are so-called legitimate interests.

    In those cases I will masochistically go through each and every one of the myriad companies in "Our Partners" lists one by one, and manually object to each of their bullshit "Legitimate Interest". I mean, sometimes it may actually be legitimate (e.g. prevent fraud?), but I so often see that their so-called legitimate interest is something like "Build a personalized ad profile" that I just burn them all.

    I've honestly sometimes been at it for about a whole hour, tap-tap-tapping on my phone or tab-tab-spacing on my laptop, because I'll be damned if these dark patterns let them get away with it. Also, I can fantasise that the day a whistleblower shows that the objections were actually ignored or simply non-functional, I will join the class action lawsuit and sue them for the hours I have wasted for no purpose while believing it was doing something. But I digress.

    If I had the time and the frontend skills, I would love to create a browser extension that will not only actively reject and object to everything. I would even like it to have a bloody-minded option to actively accept cookies from companies that do not claim "legitimate interests", but that will reject (and object to) any that do. A man can only dream, while he's tap-tap-tapping "object" for hours and cannot even remember what the site he was going to look at is even about...

  • by ergonaught on 8/26/22, 12:46 PM

    Must we? Yes, because people who do not clearly identify and thus do not clearly understand "the problem" are responsible for producing "the solution", the point of which is also never clearly identified nor understood.

    In the meantime, shortsighted and greedy "site/platform owners" (ex: the people who think 3 popups and 47 ads are a quality user experience when trying to read a recipe for pancakes) in conjunction with the heinous adtech industry have already moved on and do not care.

    99% of people already just accept the cookies just like they click through the EULA popups and simply don't give a damn about this. The tracking companies already engineer solutions to enable tracking without the "easy mode" of cookies.

    By the time the fumbling incompetents produce "the solution", the target has already moved, and since those folks are very much OPPOSED to actual individual privacy/sovereignty they will continue to waffle around with halfway things which only degrade the user experience without solving anything.

    Errr.

  • by ephbit on 8/26/22, 12:49 PM

    One of my "favorite" things about cookie banners .. this blatant lie of a message:

    "We value your privacy"

    Nope, you don't .. you value selling my data and ads revenue. Of course you value those, because it's the primary job you were given: make money.

    And that's okay.

    Lying in my face with this message though, leaves a foul taste in my mouth. Every. Single. Time.

  • by johncoltrane on 8/26/22, 12:16 PM

    A solution more harmful than the non-existant problem it was meant to solve. We are very good at that kind of things.

  • by sausagefeet on 8/26/22, 12:44 PM

    The value of this, and more so GDPR, however annoying one may find it, is that it gives the consumer rights that they can use to punish a bad actor. The dialogue is not really the point, it's what you can do with the rights that the dialogue gives you.

    Additionally, websites could also implement the cookie (and GDPR) dialogues in a way that wasn't painful. The law doesn't say that you have to implement the dialogue in the slowest most CPU intensive way possible.

  • by eimrine on 8/26/22, 12:18 PM

    child porn / terrorism accusations ruine fundamental of web. Internets without cookie popups might be just a good facade on bad fundamental.