Simply enable the “cookie notices” list in ublock origin (available on every platform now, even iOS). According to the EU law if you don’t click accept it’s equivalent to denying.
> According to the EU law if you don’t click accept it’s equivalent to denying.
The result is the same. Technically there's no such thing as denying, only providing (explicit) consent. If consent is required and no consent is provided, then there is no ground for processing.
How do you object to the site's legitimate interest use of your personal data? That is a legal grounds for processing, which can be enabled by default as long as you are provided with an option to actively object.
>How do you object to the site's legitimate interest use of your personal data?
With the legitimate individual control over one own data required to run a healthy society and unavoidable to sustain a democracy. If a business can't exist without threatening society, the sooner it's going out of existence the better.
If it is an actual legitimate interest then you would likely be expected to contact the site out of band to object to the use of your data. Depending on the technical details you might not be able to continue using the site after a successful objection. In some cases the site might be able to reject your request.
The cookie banner thing is intended to allow the user to explicitly provide consent, should they for some reason wish to do so.
Also: the consent has to be informed consent. Me clicking away a nag banner, even if I click "accept" isn't informed consent by the definition of the law.
You want to share my data with your 300+ "partners" legally? Good luck informing me about all the ways in which every of those single partners is using my data. If you are unable to inform me I can't give consent, even if I click "Accept all". That is however a you-problem, not a me-problem. If you share my data nontheless you are breaking the law.
Breaks many websites though and you'll be wondering why something doesn't work and then you have to remember you checked that ublock checkbox a few months ago.
I think in the last 12 months of using that unlock list I've only counted less than five times where sites have broken with that list enabled, I don't have to even disable the entire list. You just disable u-block for that specific site
I've found it to happen much more frequently than that, unfortunately. Usually it's because the modal is two DOM elements - a backdrop, that fades out the rest of the content and sits on top of it/prevents interaction; and the actual consent modal. Websites then use various mechanisms to prevent scrolling. uBlock is often only removing the actual dialog, so you end up with a page you can't scroll up or down and can't interact with.
If you're going to turn the filters on, it's worth being aware of this because it's far from flawless.
Until this moment, I did the same thing… but right now I realize, this behavior incentivizes a domain owner to intentionally break their site, to trick the visitor to disable their blocker.
Then the browser: refreshes the page, downloadz all the thingz… presents cookie banner.
I’ve been using uBlock (or Brave) for years now, and when “something doesn’t work right” the first thing I often do is lower my shields… :facepalm:
From now on, I’ll just bounce. Keep your cookies, I’m not hungry.
Complain and use a different site. There are only few websites which offer a truly unique service. If enough complain and walk away, something might finally change.
This extension gives you more choice than denying or allowing everything though, you get granular choice automatically applied to all websites where it works
What works pretty well for me is the "i don't care about cookies" extension for firefox; my default privacy policy is to throw away cookies when the browser restarts, which I do a few times per day anway.
Th consent is about tracking and your data, not specifically cookies. If you accept them tracking and selling your data then deleting cookies only impacts one way that happens.
That extension might allow tracking. From their Chrome add-on page:
When it's needed for the website to work properly, it will automatically accept the cookie policy for you (sometimes it will accept all and sometimes only necessary cookie categories, depending on what's easier to do).
Deleting cookies is insufficient because of browser fingerprinting, which you just consented to.
But this thread stars with someone saying they don’t care about cookies because they’ll delete them anyway. That’s different than saying they don’t care about their privacy, so it’s worth pointing out that accepting every cookie banner does have privacy implications beyond just having cookies placed.
It always impresses me how its actually easy not to need these banners yet everyone will consistently participate in the civil disobedience of annoying their users. No doubt in the hope of making people mad at the EU.
To the point that people are worried when cookie banners are not required now. I have had a few worried conversations on why our site doesn’t have a cookie banner.
The answer is simple, we don’t track our users, and login is explicit consent and functionality which doesn’t require a prompt under GDPR.
Same with https actually. I still reach some home made website or paper published in this or that legit small university or department without a certificate. Most browser send messages like this is a life threatening move.
If it's that easy to not need the banners, I'd expect EU websites themselves to lead the "no cookies needed" movement.
Yet https://european-union.europa.eu displays a cookie banner for tracking on what is essentially a static informational site. If the EU itself feels tracking is valuable enough to warrant the banner on their own pages, it's hard to fault businesses (whose survival actually depends on understanding their audience) for making the same choice.
At least they're compliant with their own regulation, I suppose.
It's really enraging. Even EU's official sites use the banners, and probably for sites where they wouldn't (or at least shouldn't) even be needed.
It seems that very few, even lawyers, really understand when explicit consent is not needed, and instead we get cargo culting of pointless consent banners everywhere.
The situation has become such that "consents" aren't really meaningful at all, as people just want to get rid of the banner, and it becomes US style contract theatre.
Regular user here. Cant live without this addon, I absolutely love this. Its been a while since I have to manually dismiss a consent popup. Although the redirects from Google and company can get a bit annoying.
It goes through the "reject all tracking" flow. Other solutions automate clicking "accept all tracking" (since that's usually simpler), or just hide the pop-ups.
Trump promised tariffs would bring Manufacturing Consent back. The consent industry voluntarily complied, as demanded -- fully automated and GDPR-compatible -- in stark contrast to his own well-documented contempt for and violation of consent.
Simply enable the “cookie notices” list in ublock origin (available on every platform now, even iOS). According to the EU law if you don’t click accept it’s equivalent to denying.
> According to the EU law if you don’t click accept it’s equivalent to denying.
The result is the same. Technically there's no such thing as denying, only providing (explicit) consent. If consent is required and no consent is provided, then there is no ground for processing.
How do you object to the site's legitimate interest use of your personal data? That is a legal grounds for processing, which can be enabled by default as long as you are provided with an option to actively object.
https://noyb.eu/en/your-right-object-article-21
>How do you object to the site's legitimate interest use of your personal data?
With the legitimate individual control over one own data required to run a healthy society and unavoidable to sustain a democracy. If a business can't exist without threatening society, the sooner it's going out of existence the better.
If it is an actual legitimate interest then you would likely be expected to contact the site out of band to object to the use of your data. Depending on the technical details you might not be able to continue using the site after a successful objection. In some cases the site might be able to reject your request.
The cookie banner thing is intended to allow the user to explicitly provide consent, should they for some reason wish to do so.
Legitimate interest is defined as that usage that is absolutely technically necessary. Which is why you cannot object to legitimate interest.
Legitimate interest is for example a website using your IP to send you the necessary TCP/IP packets with the website's content upon request.
Many websites use the term "legitimate interest" misleadingly (or even fraudulently), but that's not how GDPR defines it.
Also: the consent has to be informed consent. Me clicking away a nag banner, even if I click "accept" isn't informed consent by the definition of the law.
You want to share my data with your 300+ "partners" legally? Good luck informing me about all the ways in which every of those single partners is using my data. If you are unable to inform me I can't give consent, even if I click "Accept all". That is however a you-problem, not a me-problem. If you share my data nontheless you are breaking the law.
Breaks many websites though and you'll be wondering why something doesn't work and then you have to remember you checked that ublock checkbox a few months ago.
I've never seen a website break from this, got any examples?
I think in the last 12 months of using that unlock list I've only counted less than five times where sites have broken with that list enabled, I don't have to even disable the entire list. You just disable u-block for that specific site
I've found it to happen much more frequently than that, unfortunately. Usually it's because the modal is two DOM elements - a backdrop, that fades out the rest of the content and sits on top of it/prevents interaction; and the actual consent modal. Websites then use various mechanisms to prevent scrolling. uBlock is often only removing the actual dialog, so you end up with a page you can't scroll up or down and can't interact with.
If you're going to turn the filters on, it's worth being aware of this because it's far from flawless.
Until this moment, I did the same thing… but right now I realize, this behavior incentivizes a domain owner to intentionally break their site, to trick the visitor to disable their blocker.
Then the browser: refreshes the page, downloadz all the thingz… presents cookie banner.
I’ve been using uBlock (or Brave) for years now, and when “something doesn’t work right” the first thing I often do is lower my shields… :facepalm:
From now on, I’ll just bounce. Keep your cookies, I’m not hungry.
Complain and use a different site. There are only few websites which offer a truly unique service. If enough complain and walk away, something might finally change.
Thanks for the warning, I'd turned on those lists when I read the parent comment and would not have had a good time troubleshooting that.
This extension gives you more choice than denying or allowing everything though, you get granular choice automatically applied to all websites where it works
What works pretty well for me is the "i don't care about cookies" extension for firefox; my default privacy policy is to throw away cookies when the browser restarts, which I do a few times per day anway.
Th consent is about tracking and your data, not specifically cookies. If you accept them tracking and selling your data then deleting cookies only impacts one way that happens.
That extension might allow tracking. From their Chrome add-on page:
Deleting cookies is insufficient because of browser fingerprinting, which you just consented to.Well the extension is called "I don't care about cookies", not "I care deeply about my privacy"
But this thread stars with someone saying they don’t care about cookies because they’ll delete them anyway. That’s different than saying they don’t care about their privacy, so it’s worth pointing out that accepting every cookie banner does have privacy implications beyond just having cookies placed.
zevv obviously cares about cookies and privacy
Believe it or not some of us don't actually give a damn, we just want the fucking nags to go away.
Works pretty well for advertisers as well, as that fails back to allowing all tracking, of which cookies are only a tiny amount
I don't feel ok that Avast bought this extension though https://www.i-dont-care-about-cookies.eu/whats-new/acquisiti...
Instead i use this https://github.com/OhMyGuus/I-Still-Dont-Care-About-Cookies
It always impresses me how its actually easy not to need these banners yet everyone will consistently participate in the civil disobedience of annoying their users. No doubt in the hope of making people mad at the EU.
To the point that people are worried when cookie banners are not required now. I have had a few worried conversations on why our site doesn’t have a cookie banner.
The answer is simple, we don’t track our users, and login is explicit consent and functionality which doesn’t require a prompt under GDPR.
Same with https actually. I still reach some home made website or paper published in this or that legit small university or department without a certificate. Most browser send messages like this is a life threatening move.
If it's that easy to not need the banners, I'd expect EU websites themselves to lead the "no cookies needed" movement.
Yet https://european-union.europa.eu displays a cookie banner for tracking on what is essentially a static informational site. If the EU itself feels tracking is valuable enough to warrant the banner on their own pages, it's hard to fault businesses (whose survival actually depends on understanding their audience) for making the same choice.
At least they're compliant with their own regulation, I suppose.
It's really enraging. Even EU's official sites use the banners, and probably for sites where they wouldn't (or at least shouldn't) even be needed.
It seems that very few, even lawyers, really understand when explicit consent is not needed, and instead we get cargo culting of pointless consent banners everywhere.
The situation has become such that "consents" aren't really meaningful at all, as people just want to get rid of the banner, and it becomes US style contract theatre.
You need a "no cookies here" banner.
Previous discussions:
https://news.ycombinator.com/item?id=30625218
https://news.ycombinator.com/item?id=41479882
https://news.ycombinator.com/item?id=35562230
I use this extension, but I am still always bombarded with the pop-ups, not sure if I set it up wrong or its not that useful.
It’s the first extension I install on a new machine to keep my browsing flow from breaking every 5 seconds. Truly a 'quality of life' essential.
Regular user here. Cant live without this addon, I absolutely love this. Its been a while since I have to manually dismiss a consent popup. Although the redirects from Google and company can get a bit annoying.
This idea/execution isn't new right? Can someone explain what makes this different/better? Is this the ublock Origin of cookie banner hiders?
It goes through the "reject all tracking" flow. Other solutions automate clicking "accept all tracking" (since that's usually simpler), or just hide the pop-ups.
Combine this with auto-delete of cookies except for your selection of sites and you're good.
Does this work better than built-in Firefox feature?
It seems the feature you are referencing was deprecated?
https://support.mozilla.org/en-US/kb/cookie-banner-reduction
Trump promised tariffs would bring Manufacturing Consent back. The consent industry voluntarily complied, as demanded -- fully automated and GDPR-compatible -- in stark contrast to his own well-documented contempt for and violation of consent.