a midsummer tamsyn's dream is a user on dragon.style. You can listen to them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
a midsummer tamsyn's dream @thamesynne
Listen

occasionally, clicking through yet another half-arsed GDPR-mandated cookie management screen, i find myself thinking "the GDPR has buggered up the web"

then i catch myself.

no, it hasn't. the way companies have opted to respond to the GDPR is what's buggered up the web. they could have been nice and unobtrusive about it, but no, they decided that *every user in the EU* should suffer their protests at not being able to stow thousands of fragments of random shite on a whim all over their vict- sorry, users' computers.

· 144 · 174

@thamesynne

When their entire business model depends on tracking you and selling that data to whoever wants it, it's hard to get them to change.

@anthracite @thamesynne

I still look back with 'fondness' on that site whose GDPR compliance was "if you don't like tracking, you can just disable cookies altogether! 🙃"

I think it was a store, actually

@packbat @anthracite @thamesynne

You know, instead of monkeying about with third-party cookies, there really needs to be a standardized way to tell sites we don't want to be tracked. Get browser vendors to include it as a setting. Maybe call it something like "Do not Track"...

Oh wait, we tried that already, and practically nobody respected it.

@starchturrets @packbat @thamesynne

The fact that you’ve turned on DNT is just one more piece of data to put in your digital fingerprint!

@thamesynne And even now, places like the NYTimes settle for "we use cookies to track everything. Suck it", rather than questioning if they actually *need to do this*.

(And the LA Times just says Sod Off)

@porsupah yeah, i've run into a few websites which are all "for legal reasons we don't let anyone from the EU in" and i'm just like "well thank god it's not a significant market for you or a rather large chunk of the world's wealth and population or anything..." 🤷

@thamesynne @porsupah It's a pretty dire indictment of the media industry that some companies would rather completely deny access to information than operate on a business model that doesn't sell their readership's privacy to the highest bidder.

@thamesynne I don't fully agree. While the idea behind the law is good, even experts have no idea how to comply with a great deal of it. If the pundits talking about it actually knew how to comply, they could make a lot more money as lawyers, because the lawyers sure don't.

@freakazoid @thamesynne It's not difficult to comply with the GDPR if you're not doing sketchy shit. If you make money off of targeted advertising and user profiling, yeah, it becomes tricky to figure out how to comply. But I don't think you can really blame the GDPR for that!

@varx @thamesynne I don't think it was the intention of the GDPR to outlaw advertising.

@varx @thamesynne @freakazoid One might even go so far as to wonder if the intention of the law was to drive those assholes out of business

@bamfic @varx @thamesynne That is the purpose of government, right? Let whoever holds the reins of power put anyone they don't like out of business?

@freakazoid @thamesynne @varx Indeed. And if the people hold the power we can put the malicious actors out of business.

@bamfic @varx @thamesynne Which is why the bad actors always ensure they're the ones with the power.

@freakazoid i think you just made the case for anarchism much more succinctly than i could

@varx @bamfic

@freakazoid @thamesynne only thing I can think is to disable cookies entirely and track sessions with a URL param, but that's buggy and insecure and if implemented smoothly (with js?) would count as tracking anyway...

@wilbr @freakazoid @thamesynne nothing about GDPR says that you can’t have cookies.

@chucker @thamesynne @wilbr Yeah and I don't think not using cookies gets you out of anything. It's the tracking that's the issue.

@thamesynne They also don't even limit those useless informative pop-ups to European users.

@thamesynne yeah. The GDPR says "you can't do this"; companies went "but we want to do this, so we'll make everything waaay more annoying so we can continue to do so despite the law specifically trying to prevent it".

@thamesynne
im not even European, and its basically almost every site I go on has a dumb popup that takes up half the page that says "we use cookies to track you, you cant do anything about it"

@starrycosmos @thamesynne they obviously lie, you can do something about it. Get off of that site.

@thamesynne that's the very definition of a dark pattern: turning the user's experience into some horrific steeple chase just to force them to comply to your advertising sh*t out of annoyance and confusion. You are absolutely right, shame on companies who made the worst of it.

@mcpaccard @thamesynne For me it's the same as what happened (happens) with the "cookie banner". Now everyone clicks "ok give me cookies whatever" instead of being informed.

@thamesynne
The Web was buggered up.

The GDPR is an attempt to correct some of that buggering.

Change is always messy! 10 years from now, I suspect we'll still have a similar situation to California's infamous Prop 65, which requires all companies to provide a warning if they use any chemicals containing carcinogens. (The law was enacted in 1986, before we really understood that carcinogens are in almost everything.)

Speaking as a dev, the GDPR did a LOT of good besides what's visible. ^^

@thamesynne I think one or two news sites have opted to build a completely JavaScript-free version of their site for EU users and it's such a delight to browse, everything's so fast

@noiob i've seen at least one, and yes, that's a delightful solution to the problem... but it does invite the obvious question ;-)

@thamesynne Personally, whenever I see one of those prompts, I re-think if I really want to read that, and if I do, I just add it to my "read it later" app, which removes all the cruft anyways.

@thamesynne When I encounter one of those nags, I click on uMatrix and deny all cookies. Then block the element.

@thamesynne wonder if one solution would be to write an add-on that auto-refuses all tracking options in the GDPR-mandated popup and also dismisses the pop-up.

Then when they inevitably change the pop-up to fight off the add-on you can accuse them of making choice difficult.

It'll also make it possible to decline pop-ups that do not allow you to decline (which is against the GDPR).

@polychrome @thamesynne uBlock does a part of that - you can right-click on the popup and choose 'Block element', and that will stop that popup appearing on that site in the future. And since you haven't explicitly opted in to tracking, the site /shouldn't/ have started tracking you (but I'm skeptical about this bit).

Picking the right element can be tricky, and you need to do it once for each site though.

@thamesynne @OpinionatedGeek a growing number of them have the text say "continue to use this site to agree" as the clause, and at least one autoaccepted on my behalf as soon as I scrolled down so this cannot be trusted.

Ofcourse these same sites also tend to only have a "Got it!" button with no way to opt out, regardless of how that's against the GDPA so.

@polychrome @thamesynne Ah. Haven't seen any sites that assume agreement by just using the site, but I'd guessed there'd be some. Maybe there'll be fewer as time goes on and we see some GDPR fines/prosecutions?

I have extensions to block trackers and auto-delete cookies, as well as using uBlock. I'm starting to question how much effort I'm devoting to this...

@thamesynne Hopefully people start a) avoiding those sites and b) complaining over them at their respective authorities a.k.a. suing the corporates.

@thamesynne And that's before you hit the sites that decided it was easier just to not serve anybody in the EU, than to implement policies that respect privacy.