The cookie dilemma

Out of principle I always reject all, even though they are blocked by pf blocker anyway.

Been using it for a long time. In my experience it covers maybe 30 or 40% of sites only.
- I still don't care about cookies seems to work for the rest for me!
I'll have to give this a shot. Thanks for the link!
Also, enabling cookie notice blocklists on ublock origin

Today i had a new one:

[ Accept ]

Or

[ Pay to Reject ]

That's when you choose option 3:
[Close tab]
Was it The Sun (the shitty tabloid)? I've seen people get that on it.
- It's on many German sites. One of them the tech news site heise.de that regular reports on court rulings deeming the practice illegal.
- Presumably because no one is actually prepared to pay to read the sun. It's not like it contains any actual news anyway.
- It feels like every uk news site does it. The guardian and the independent are the ones I have trouble with the most. Reader mode "fixes" it though.
- The guardian also started doing this
Gdpr seemed like it was designed to ban this, but lately companies (especially German ones?) seem to be trying this. I guess it won't be resolved without a big, slow, expensive court case.
- GDPR wasn't designed to prevent this. It's a simple choice: accept tracking and get stuff for free OR pay them for stuff with no tracking.
  Everything doesn't have to be free on the Internet
  Some companies got into trouble because their pop-ups weren't clear enough as to the consumer's rights per GDPR. So they paid the fine and fixed their wording.
  When I want to read something e.g. on t-online.de, I do it in a private browsing window. Not perfect, because of fingerprinting, but better than nothing. Or I skip the article and go somewhere else.
I keep seeing this a lot lately. I also saw one that had the style from the image (accept all or refuse maybe), but if you hit refuse, a second one popped up that said:
[pay to read]
Or
[read for free]
I opened it in private mode and read for free just let me into the article. I’m guessing it accepts all.
lemme guess
website owned by webedia
PopUpOff:
[Not Even Playing This Game]

I need to verify this, but I vaguely remembered you’re supposed to be able to exit these safely in two clicks maximum, though they sometimes obscure it.

Usually, it’s something like “Customize” then “Save” without checking anything, or just “Reject All”.

it's even more straight forward than that; accepting and rejecting has to be the same number of steps.
- So basically 90% of sites aren’t GDPR compliant.
Correct. But companies seem to not give two fricks about it. There should be harsher punishments in place.
Somebody should in some way pass that information to the companies then.
I've seen a few sites set the toggles so that the on position is for options out instead of allowing the use of.

Unlock origin and you won’t see a cookie message ever again.

Ublock origin, but yes.
- No. Uclock Origin.
- Hehe, naughty keyboard attacks again :)
Is that something you have to enable? I've used ublock for years but I still get cookie popups
- Yes. Settings > Filter Lists > Annoyances
- settings, filter list and cookie notices. select both lists there.
I take it one step further and set it to "medium mode" as well
https://github.com/gorhill/ublock/wiki/Blocking-mode:-medium-mode

~~Accept all~~ Block all

And then the companies get all uwu but adblocking is stealing and damages our revenue! 😭

"Save preferences"? Save them where exactly?

In the strictly necessary cookies that you can't turn off you silly billy
- This is where they get you.

Install "I still don't care about cookies" on Firefox based browsers.

Cookies are declined immediately and the banners closed. Works most of the time unless it's a custom non-standard cookie prompt implementation.

You're welcome.

Consent-o-Matric also works great on Firefox
- I too use this.
It dosn't delete cookies. I use 'Cookie Autodelete' for that togehter with 'I still don't care about cookies', which is the community version of 'I don't care about cookies'. It is much better at removing the Popups.
- I would recommend enabling strict mode in Firefox. But then Cookie AutoDelete does not work in Firefox if you enable Total Cookie Protection (which is enabled in strict and standard mode).
  But you don't even need an extension to prevent cookie persistence.
- Also try LibreWolf if you want to discard cookies by default
Cookies are accepted immediately and the banners closed
- For those wanting more information, the extension description states:
  This add-on will remove these cookie warnings from almost all websites!
  In most cases, the add-on just blocks OR hides cookie related pop-ups.
  When it's needed for the website to work properly, it will automatically accept the cookie policy for you (sometimes it will accept all and sometimes only necessary cookie categories, depending on what's easier to do).
  It doesn't delete cookies.
- No, not really, and taken out of context. Glad someone replied to you already.

The part that annoys me is that I have Do Not Track enabled in my browser and there's one (1) website I use that respects this choice, as intended by GDPR. (geizhals.de)

All others choose to bother me about their stupid ad tracking.

The Do Not Track header has been discontinued by most browsers. It's the sad state of affairs.
In an ideal world, all websites shouldn't even show a cookie alert if you have that header on.

Malicious compliance writ large.

Also, the number of hurdles you have to clear for this tells volumes about where the site owner priorities lie.

Hence why the EU is now forcing an "easy way to decline". All compliant websites have a "reject all cookies" button now.
Which I learned on accident, because normally I have Ghostery installed, which just rejects all cookies automatically.
- I'm pretty sure that was the law from day 1 and the only difference is they're starting to crack down on it now
- There was some controversy around Ghostery. A number of years ago, I believe they were allowing anyone who paid them money to not be blocked. They have since reversed track, but I won't ever use their plugin again.
  I was wrong. It was Adblock plus
- Don't use Ghostery anymore

I think people really misunderstand cookies and have been lead to get angry at exactly the wrong things which actually give the biggest companies huge advantages so they're fine with all of this mumbojumbo.

When you cant have local cookies, or there are hoops, companies that need not bother with this because they own your browser (Google) or companies that own major search engines (Google) or companies that most other companies rely on for ads or social media integration etc (Google) are tremendously advantaged.

Now, basically only Google can collect a wholistic profile of a user, while regular websites must now waste extra man power implementing completely useless cookie preferences when in reality this should have been simplified, at worst, to 3 buttons.

All, No Marketting, No Telemetry.

Anything else is just the user wasting their time or destroying the functionality of a website for no reason/requiring busy body work to comply with ill conceived regulations.

With the downfall of third party cookies in most browsers, cookies literally just serve as some temporary storage for websites on your local machine. Cookies existing or not existing arent what control whether you are tracked, especially given all the fancy fingerprinting that goes on nowadays.

Just use a browser that doesn't save cookies. Then accept all.

https://en.wikipedia.org/wiki/Device_fingerprint
- Are you trying to suggest that I would be better to just deny the cookies? I don't know what you're trying to say by linking to that article.
  Device fingerprinting as a technique it's pretty easy to defeat. There are plenty of privacy focused browsers that will also include device fingerprinting protection. In fact pretty much any browser that doesn't store cookies will also do this device fingerprinting protection as well.

i just disabled cookie persistence in my browsers.

now it doesn't matter if i click accept all or not

It does, the GDPR does not talk about cookies but tracking consent. Cookies are one of the tools for tracking.
Also disabling cookie persistence does nothing against in session tracking.
- Maybe I'm getting things backwards here, but wouldn't disabling cookie persistence actually stop some of the more malicious forms of tracking, where different websites track your activity across websites? I'm not an expert on this specific matter but my understanding was that website A saves a cookie in your browser, which website B then uses to identify you (maybe with some extra steps of shipping that data off to some data broker or w/e but you get the picture). I thought that disabling persistence would stop that from occurring in the sense that once your restart your browser and go to website B, there is nothing from A for them to look at.
- They aren't asking me for permission to track me, they're asking permission to save cookies to that end.
  I refuse them the permission they are legally required to acquire from me

https://addons.mozilla.org/de/firefox/addon/consent-o-matic/

Also available for other browsers.

Wow, thank you!

Block all 3rd party cookies by default. Done.

Ublock origin is always the solution

That doesn't remove cookie prompts
- It totally can of you enable that block list in the preferences/settings.

Block. According to the GDPR consent has to be explicit, so never pressing "Accept" is surprisingly a valid tactic.

Enforcement, however, is a different story.

Settings -> Privacy and Security -> Enhanced Tracking Protection -> Custom -> All cookies (will cause websites to break)

Open site -> it breaks -> do i really need it? (no) Move on to the next site. (yes) Ctrl+I -> Permissions -> Set Cookies - uncheck "Use Default" - Allow

ublock has filter lists for these things. Doesn't always work but helps a lot.

the nice part is that if you don't ever respond to the popup, they are not allowed to presume you accepted

Consent-o-magic

And when I finally lose my shit and just press "accept all" and "save my preferences for an eternity along with all my private information", it still pops up every single time!

And then you have to hope they honor your choice.

Reject all

~ tada! ~

Yeah, it's also super easy to prove P!=NP. Just do this one step:
prove it
~ tada! ~
Idk why anyone is still struggling with it.
YMMV. Some of the pop ups like to make the "Reject" button difficult to find.
Legitimate Interest has entered the chat

Accept all with Cookie Auto delete, best of both annoying worlds

These forms are actually about consent of tracking and cookies are just one of the ways to do tracking. You're still consenting to tracking.
Also Firefox Total Cookie Protection is a better solution for cookies. You should enable strict mode and Cookie AutoDelete does not work with Firefox strict mode.

I will on rare occasions accept all if the site gives me the option to reject all but necessary.

Just install Cookie Autodelete

These forms are actually about consent of tracking and cookies are just one of the ways to do tracking. You're still consenting to tracking.
Also Firefox Total Cookie Protection is a better solution for cookies. You should enable strict mode and Cookie AutoDelete does not work with Firefox strict mode.

Should have been handled on protocol level. Cookies get priority levels, set browser to only accept required cookies and done. Everyone just wanted to do it the easy way... add a banner and ask the user.. or dont even make the banner, call a third party library that does it for you.. and has its own tracking code.. yay!

We also had the Do Not Track header, and then Microsoft fucked it up and now no browsers support it.

Why oh why didn't the lawmakers add an obligation to use a standardized cookies selection popup.

I remember day one of it coming into effect and it was already obvious this was a necessity.

Lobbying. One of those laws pretending to do the right thing but sabotaged.

Or maybe its even worse than that. Before you could just have the cookies deleted. But if you do that now you get the awful popup every time, so you just accept them in the end.
I know I do.
This law has made me accept cookies spying.

That's already part of the GDPR, companies just aren't complying with it.
From the official GDPR site:
To comply with the regulations governing cookies under the GDPR and the ePrivacy Directive you must:
Receive users’ consent before you use any cookies except strictly necessary cookies.
Provide accurate and specific information about the data each cookie tracks and its purpose in plain language before consent is received.
Document and store consent received from users.
Allow users to access your service even if they refuse to allow the use of certain cookies
Make it as easy for users to withdraw their consent as it was for them to give their consent in the first place.
- "Make it easy"
  If you make a vague law that companies can circumvent they will do it.
  That's why you force the use of a standardized menu, because nothing else makes sense, no? The same way you don't leave it to the tobacco manufacturers to implement the warnings on the box ; you force them all to adopt the same one that's clearly visible.
  It feels like it's either severe incompetence, or the work of lobbyists. But I don't know enough about the matter
Because those laws were made with good intentions in mind.
But businesses never have good intentions, especially if it eats into their revenue. So they use malicious compliance to make it seem like it is the law that is bad.
- So really naive lawmakers then? Come on, that's not how you make a company obey, everyone knows that, yet legislators time and again do an oopsie and make a highly symbolic law that obviously won't work because there's no coercion!

I don't understand why US sites display this when their audience is US only.

Which US sites have US visitors only? Apart from government.
California also requires this, as well as Canada
Probably from a common template.

The correct way to deal with cookies : eat them!

I may have diabetes...

Or just use PopUpOff.

I don't consent to jack shit that tries to hold my time hostage lol

In the EU: bottom is same as the top one (but I still have ghostery etc).

Just use Ghostery, mate. Does it all for you.

Just leave that website and find somewhere else to do business.

So, probably stupid question.

If a website pops up and asks for permission, and I bypass that pop-up in some way (like killing the pop up with an addon or some you can just ignore it and keep scrolling with it on the bottom of the screen)

Until ive clicked agree, do websites just not start tracking or creating or doing anything with cookies? After all, they've acknowledged they need, dont have permission.

Or is this by and large pointless, and unless ive jumped through their hoops, they've already started the page with cookies enabled?

If the site is GDPR-compliant, they are not allowed to set any cookies until you click the accept button. But, a ton of sites and ad agencies are not. For example, Russians commonly just put a "we tracking you, deal with it. [OK]" banner, thinking they are funny, when it's clearly illegal even by Russian law, but they are shielded from it by responsible officials incompetence. Same story in the US, I believe.

10

Besides opening up and viewing a lot of these sites on private tabs, I'm just getting used to cleaning all cookies after I finished checking up what I wanted.

Just use Firefox strict mode, no need to do the work when it can be automated.

Been using Hush, works pretty well

The easier way is to do it in your browser.