story
There was a time where you could just close the tab if it was that bad, but now pretty much all websites are like this so there's no choice.
Enable the uBlock "annoyances" filters to staunch the tide of popups.
[0] https://github.com/mozilla/readability/#isprobablyreaderable...
If I have to wait for all the ads and banners and fonts to load anyway, most of the benefits of reader mode are removed.
You are right about all the rest.
You don't /need/ them if you only have essential cookies:
> At GitHub, we want to protect developer privacy, and we find cookie banners quite irritating, so we decided to look for a solution. After a brief search, we found one: just don’t use any non-essential cookies. Pretty simple, really.
"only"? No, they are here because you use non-essential cookies AND regulation says you must ask visitors about them.
There is no need for pop ups under the gdpr. If you are handling personal information, giving cookies etc which aren’t required (E.g to sign in), then ask at the point of signing in/up. Otherwise you don’t need to set cookies, you might want to, to track and monetise your visitors, but that’s different.
There are many cases where what publications consider "essential" for their business do not match what the EU has decided is "essential".
Heck, when GDPR was first proposed most publishers assumed advertising would be allowed under "essential" business uses since they can't provide content if they don't get paid. Clarification on this only came a couple of months before GDPR enforcement started, causing a bit of a scramble for publishers and advertisers.
If you want to track unique users, well, you're not supposed to unless the users opt in (not avoid opting out!), and you have to accept that at least a part won't - the society and law has decided such desires are not legitimate unless the data subjects themselves want that.
Those are legitimate cookies for which you don’t need to ask an authorization.
> How are you supposed to count unique users that visit your site?
https://plausible.io/blog/google-analytics-cookies#how-can-p...
> These are legitimate questions a publisher may want to know to improve their site, but are not allowed under GDPR without a specific notice and opt-out.
Why would the publisher’s questions be legitimate and the user’s right not to be tracked no? You can still answer those questions but you need to ask for permission. A physical store owner has also a lot of questions but they’re not allowed to follow you everywhere in the store and in the street.
> Heck, when GDPR was first proposed most publishers assumed advertising would be allowed under "essential" business uses since they can't provide content if they don't get paid.
That’s a really weird reasoning. Should drug dealers be exempted from police controls because their activity is essential for their income and so for their life? Earning money is necessary, but there are multiple ways to do so.
You're not supposed to A/B test at all. Users are not test subjects.
> How are you supposed to count unique users that visit your site? How are you supposed to figure out why most users bounce?
You're not supposed to. You simply aren't entitled to any of that information.
> These are legitimate questions a publisher may want to know to improve their site
It doesn't matter how "legitimate" it is or how much money it costs publishers. The attempt to learn these facts requires collecting identifying information and that is harmful to us.
The least you can do is ask permission.
> There are many cases where what publications consider "essential" for their business do not match what the EU has decided is "essential".
That's by design. Nobody really cares what an industry that's being regulated thinks. Obviously adtech considers it "essential" to collect as much personal data as humanly possible.
What matters is what society thinks and we think sites work just fine with all the tracking disabled.
> publishers assumed advertising would be allowed under "essential" business uses
Advertising is allowed. It's just the abusive adtech model of targeted advertising that requires consent. Nothing stops people from signing a deal with some brand and serving static images or something. As long as it's not surveillance capitalism it's fine.
EU Directive 2009/136/EC
It applies to the legislatures of member states, which I believe doesn't yet include the USA.
Perhaps the clause you are thinking of is this one:
"(33) Customers should be informed of their rights with respect to the use of their personal information in subscriber directories and in particular of the purpose or purposes of such directories, as well as their right, free of charge, not to be included in a public subscriber directory, as provided for in Directive 2002/58/EC"
That directive doesn't call for a mist of popups to flash before your eyes before you can read content. It could easily be satisfied by a menu option that allows you to set your preferences. The mist of popups is caused by a bunch of angry data traders who don't care how much they annoy their users.
Incidentally, citing a directive from 2009 is a bit anachronistic: that directive is overridden by the GDPR.
Tracking cookies are not mandatory. You are not obligated to present cookie banner: you can simply drop nonessential cookies.
Your business problems aren't our concern. If you're financing your business by stealing personal information from users and selling it to data brokers, then you're a crook. Crooks tend to have high hosting expenses.
If following the requirements of society makes your business unprofitable, too bad, having a business is optional, following the requirements of society is not.
Correct. I've only run a handful of websites in my life, but not one of them has ever served ads.
I believe they are a protest by largely US-owned companies against regulation, designed to annoy internet users and turn them against regulation.
Even if this is true, it's something that should have been expected by EU legislators. Their beliefs seem to be that companies are acting in bad faith by secretly tracking users and misusing the information that they gather (basically true), and also that if they impose vague rules that companies need to get consent for tracking then they'll act in good faith and give users clear and convenient ways of opting out (ha ha ha).
If I look at the changes implemented by local telecommunications companies, local banks, local supermarket loyalty programs, local pizza delivery chains, local real estate brokers, etc - these types of businesses had all kinds of widespread shenanigans before GDPR, but now they overwhelmingly have acted in good faith, and have given users clear and convenient ways of opting out (because, really, they didn't have a choice). Like, we don't see EU phone carriers selling location data to advertisers the way they do in USA - now that is a significant thing compared to some blog putting on a cookie.
For most companies, the transition has happened reasonably well - it's just that a few (but large and highly visible) global companies are holding out because of political reasons preventing enforcement - mostly stemming the fact that Ireland's DPA is currently permitted to unilaterally shield them from the rest of EU and has motivation to do it because it's financially beneficial for Ireland to have Facebook/Google/etc have their EU domicile be in Ireland.
It has been - the regulation explicitly outlaws such malicious pseudo-compliance. The problem is that GDPR enforcement has been severely lacking, so malicious actors are allowed to run free.
