That conclusion depends on two things: That the “do not track” header would suffice instead, which I think it doesn’t as things stand; or that all builders of web sites would do better not to make any attempt to (for example) keep track of which of their visitors have been there before, which is not going to happen for reasons that are obvious. If those obvious reasons are found to be inadequate, they should at least be addressed to make the point convincingly.
Otherwise one might as well go ahead and say that most of what exists on the web today is not needed at all, which is also technically true. It’s strange to see it suggested that it’s wrong to think law makers “should have known” that something like what happened would be the result. It was inevitable from the start, and as I recall much talked-about. The sites that have cookie banners are all trying to sell you something, and the sales department is not going to willingly give up the best tools it’s had since the 1990s when the cost is just looking slightly more sleazy to first-time visitors.
or that all builders of web sites would do better not to make any attempt to (for example) keep track of which of their visitors have been there before
If there is a technical reason to do so, the GDPR explicitly allows doing so without any consent banner… and if there isn’t other than harvesting data to sell it to advertisers, then yes there is no reason to have that.
The article seems to confirm what’s been my understanding which is that that pretty much anything beyond “session cookies” or the like is covered, whether or not the data collected gets sold or transferred to anyone else.
But yes, there are reasons why data gets sold to advertisers as well. Commercial incentives which are strong and predictable. Regulations should not be designed as if they aren’t there.
Commercial incentives which are strong and predictable. Regulations should not be designed as if they aren’t there.
The entire point of the GDPR is to reign in those “commercial incentives” to spy on users for a little extra money from advertisers.
But I am starting to get the feeling I am trying to argue with someone who makes a living out of spying on users and selling that data to advertisers, which makes this argument moot.
Nope, I’m not one of them. But I have worked for large companies in the past and therefore have met them.
The GDPR has done substantial good, not least in just getting people to talk about this sort of thing. But the cookie banners are and always have been ridiculous and a sign of one of its failures. An outright ban on surveillance capitalism business models would suit me better.
That conclusion depends on two things: That the “do not track” header would suffice instead, which I think it doesn’t as things stand; or that all builders of web sites would do better not to make any attempt to (for example) keep track of which of their visitors have been there before, which is not going to happen for reasons that are obvious. If those obvious reasons are found to be inadequate, they should at least be addressed to make the point convincingly.
Otherwise one might as well go ahead and say that most of what exists on the web today is not needed at all, which is also technically true. It’s strange to see it suggested that it’s wrong to think law makers “should have known” that something like what happened would be the result. It was inevitable from the start, and as I recall much talked-about. The sites that have cookie banners are all trying to sell you something, and the sales department is not going to willingly give up the best tools it’s had since the 1990s when the cost is just looking slightly more sleazy to first-time visitors.
If there is a technical reason to do so, the GDPR explicitly allows doing so without any consent banner… and if there isn’t other than harvesting data to sell it to advertisers, then yes there is no reason to have that.
The article seems to confirm what’s been my understanding which is that that pretty much anything beyond “session cookies” or the like is covered, whether or not the data collected gets sold or transferred to anyone else.
But yes, there are reasons why data gets sold to advertisers as well. Commercial incentives which are strong and predictable. Regulations should not be designed as if they aren’t there.
The entire point of the GDPR is to reign in those “commercial incentives” to spy on users for a little extra money from advertisers.
But I am starting to get the feeling I am trying to argue with someone who makes a living out of spying on users and selling that data to advertisers, which makes this argument moot.
Nope, I’m not one of them. But I have worked for large companies in the past and therefore have met them.
The GDPR has done substantial good, not least in just getting people to talk about this sort of thing. But the cookie banners are and always have been ridiculous and a sign of one of its failures. An outright ban on surveillance capitalism business models would suit me better.