Which is their prerogative[1]. I'm just pointing out that the people who run the EU's official websites aren't able to operate inside those bounds, so it's fair to say those bounds are not commercially reasonable in general for functional sites. QED the banners are de facto required.
1 - The extensive reach of the law is breathtaking. The EU claims jurisdiction over any web property, based anywhere in the world, that might be seen by an EU national.
For example, the European Parliament website uses third-party cookies for analytics and for Web streaming. Yes, they can run the whole stack themselves. It is also a) more work and b) not how most of the industry works.
The European Parliament with the resources of the EU, finds it expeditious to use 3P cookies and just display a cookie banner. How reasonable is it to expect sites with fewer resources to do similar interesting things on the Web without also falling afoul of the EU law?
For all I care your site isn't required to be commercially viable. If you aren't able to convince the customer and instead opt for so-called cooky-terror banners as a dark pattern with the primary goal of de-sensitive-izing users, you don't deserve my cooky. Opt-in means legislation has passed this view into law, with the quirk that the dark-pattern is fully expected because the industry needs a sort of legitimization for the use of private data. Small companies usually suffer under compliance, no doubt.
Besides, what has this to do with AI prompts? No doubt they want to analyse every single interaction as a sort of supervised training for free. This does not rely on third party cookies, but it might benefit from making identifications which somebody could argue are not essential to the service as advertised.
Is that the kind of tooling that site operators have grown to find indispensable over the last couple of decades, that you mention?
It's related via my question about EU digital regulation, although Gemini is likely on hold due to the DMA and not GDPR. The question was more about how willing are EU residents to forego technological advances under their more muscular regulation regime.
Not really, it's about the rights of people represented by the EU.
By analogy, it would be like the US asserting that the Constitutional rights of its citizens travel with them, and so they have the right to carry guns in any country.
It's an expansive approach.
It is.
> The EU claims jurisdiction over any web property, based anywhere in the world, that might be seen by an EU national.
Not really! The EU simply claims jurisdiction over any company that trades in the EU. The company doesn't have to be a "web property" - if you sell cars, or food, or medcines in the EU, you have to accept EU jurisdiction. If you want to operate a web property that is accessible in the EU, that's fine; but don't have a EU trading arm if your web property isn't GDPR-compliant.
The EU claims jurisdiction, they just lack an effective enforcement mechanism for sites that do not have a financial nexus inside the EU. (Perversely, this creates an incentive to not create such a financial nexus, including hiring anyone inside the EU.)
