Where debating everything under the sun is only the beginning

hen you consider how Turkey is run and what goes on in it keep it distant.

"Internet users do not have to click on a banner every time they visit a website," Commission Vice President Andrus Ansip said. "They will be able to make an informed choice."

When the European Parliament reviewed the e-Privacy Directive in 2009, it included the obligation for companies storing data to have people opt in, rather than opt out. Coders started building banners across websites to comply.

[...]

"People who thought cookie banners were annoying will be disappointed to hear that things won’t get better," said Townsend Feehan, head of the Interactive Advertising Bureau for Europe, which lobbies for the online advertising industry trading heavily in data gathered through marketing cookies.

"Without significant improvements to the proposed text, users would have to actively change the settings of every single device and app they use, and more actively deal with constant requests for permission for the use of harmless cookies when visiting websites and using other digital services," Feehan said.

Dodge the headache of compliance for all your 3rd-party tracking pixels (pretty much all social platforms and 3rd-party widgets/plugins employ some kind of tracking – the infamous "Like" button is probably the most prolific), by requiring consent by default. That is, for all your visitors, European or otherwise, before any tracking takes place. That way, there are no grey areas and you minimise any risk of getting this wrong – a high risk considering website content is often constantly in flux...

[...]

Essentially, the approach is that you need to create a compliance alert to your users on their first visit. You probably already have such a message already. However, often I find tracking is already taking place as soon as the visitor loads a page from your site – before they have accepted (or not) your offer to track their activity. That of course is wrong.

[...]
Five tips for compliance consent:

1. Keep your compliance alert in place until your visitor takes action to accept it. If accepted the alert is removed. If the visitor takes no action, then your compliance alert remains in place. That is, there is no available action for the visitor to reject the alert.

Likewise, you have a far greater user group trying to VPN themselves into Europe.

Opt-in, much like freedom and democracy, is great in theory, but easily subvertible and subverted in practice.

There is an absolutely obscene sub-industry based on the repackaging of personal data. Commonly 10% of a web site is pushing content to you, and 90% pushing you to these ad brokers. Where there is profit there is a way, but they will have to work harder for it in the future.

I was sceptical about GDPR initially, but it does seem to be a game-changer. By far not sufficient, but it will make some abuses very much not cost-effective.

By what flip of logic do you call it an opt-in when you are presented with a barrier with one single option? What sort of opt-in is it? And how in hell can you compare it to freedom and democracy? I have given you too much benefit of the doubt.

I'm of the opinion that tracking walls are almost certainly illegal under the GDPR.

The trick is to make the alert “irritating” and “distracting” enough for the visitor to want to take action, but ultimately you cannot stop the user accessing your content if they do not.

I deliberately emphasize irritating and distracting as you must give a strong reason for the user to take action – accept to be tracked. Otherwise you risk large swathes of visitors simply ignoring your alert and continuing to browse your content regardless i.e. you lose a large amount of visitor data!

BTW, you are not allowed to block access to your content if a visitor does not consent. My analogy is from bricks and mortar retail stores – a store owner cannot stop someone visiting a store just because they don’t like the look of them. That is called discrimination and is illegal in the EU.

I flatly refuse all cookies, unless I need to log in. Now my work has become impossible, because there are demands for me to enable cookies at every turn.

Right now, at least Forbes.com, Latimes.com, and everybody related to Oath Group (includes Endgadget, TechCrunch, and HuffPost) block EU visitors. Block as in block - you have no access.

One might wonder what this has to do with EU regulations.
There were sites since ages which didn't deliver content if you had cookies disabled. So they are now.

Forbes.com, engadget.com, techcrunch.com and huffingtonpost.com are displaying fine with my German IP. Tested right now.

Well, it's a German IP of a German ISP.
AFAIK Germany is still part of the EU. I'm not aware of a silent Dexit.

As for the Baltic states, I thought they are together with the Ukraine and Poland the closest European allies of the US.

BTW, I assume you don't try to access Forbes with an exotic text based browser.

I've attached two pics.
From the first one you can see that I'm correctly identified as an EU visitor.
First I get redirected to Forbes Europe. However there is no problem switching to the US site as shown in the second pic.

I don't think companies set out to be evil, most of them anyway.

Earlier legalisation tried to prune some thorns.

In each and every web/app design office it will be the usual battle between greed (managers wanting ad income), fear (lawyers don't wanting company to be sued), and laziness (do as little as possible). This will go several rounds.

Perhaps it's a social experiment on how much crap the EU citizens can take.

This Wednesday we need your help. On 5 July 2018, the European Parliament will vote on a new copyright directive. If approved, these changes threaten to disrupt the open Internet that Wikipedia is a part of. You have time to act. Join the discussion. Thank you.

If Goebells was around he would be smiling.