Cookie diet - UK to urge G7 to reduce cookie pop-ups

[porina]

Quotes

Quote

The UK's information commissioner is to ask some of the most powerful countries in the world to join forces against cookie pop-ups online.

Elizabeth Denham will meet with her counterparts in the G7 (Group of Seven) nations on Tuesday.

Each country will raise a technology problem they believe can be solved with closer co-operation, with Ms Denham taking aim at cookie banners.

"No single country can tackle this issue alone," Ms Denham said. 

Summary

This might be a #firstworldproblem but cookie popups have been a bane of browsing for many years, appearing since around the time privacy rules started getting enforced. UK government will use the upcoming G7 meetings to try and do something about this. One country by itself wont be able to cause substantial change, but if the G7 gets on board this has a chance of going somewhere.

 

My thoughts

We've all been there. You want to look up something. Search results take you to a site you've never been to before. As it loads you get a cookie preference prompt before you can even see if what you're looking for is there or not. Do you click the easy solution and give everything: "accept all" and move on? Sometimes you might have a "reject non-essential" but they're relatively uncommon. Or worst of all, you either accept all or have comb through a long page of settings. Ain't nobody got time for that. Potential solutions include a software based default setting that will be reported to websites. Not surprisingly, companies relying on wider tracking aren't exactly happy about this, as most people would probably default to "reject non-essentials".

 

It should be noted that apparently the EU looked at doing something similar to this in early 2017. Given over 4 years has passed, can we assume it went nowhere, or are the wheels of politics that slow? 

 

Sources

https://www.bbc.co.uk/news/technology-58464747

 

[Bananasplit_00]

2 minutes ago, porina said:

Potential solutions include a software based default setting that will be reported to websites

You mean the already existing "do not track" settings

[RejZoR]

They turned cookies into massive cancer. And web admins did it on purpose just to annoy people by making them select individual cookies when disabling and plastering ACCEPT ALL in the front. Cookies should be controlled by browser as a default with simple flags for it. And should be enforced by law, not like that DO NOT TRACK nonsense that no one obeys at all.

[porina]

6 minutes ago, Bananasplit_00 said:

You mean the already existing "do not track" settings

If websites actually honoured that setting it might be worth something. Without a legal stick backing it up, it is nothing.

[Arika]

that would be nice.

 

I generally go hunting for the reject all non-essential on sites that i'm likely to visit more than once. if it's a website where i only need a single bit of information from i'll just click accept all and then leave.

[ki8aras]

i think theyll manage to pass it by referring to apple's recent change

 

advertisers will complain just like they did last time but who cares

[mariushm]

8 minutes ago, Grand Admiral Thrawn said:

I have a solution that obviously noone will follow.

Dear developers, grey out the 'Accept all' button like you do the button that lets you review the settings and instead make the 'Reject all' a fancy popping colour.

You are welcome.

The problem is those EU laws / regulations don't allow you to do that. They impose a minimum font size, a contrast, a minimum amount of vertical space on the view area has to be used for that notification.  

You would not be compliant if you make the notification too hidden, too blended in, and you could be fined with big amounts of money. 

[Sauron]

33 minutes ago, Bananasplit_00 said:

You mean the already existing "do not track" settings

Yeah, just enforce that by law and remove cookie banners, problem solved...

[Rauten]

<RANT>

F**K THIS MENU, AND F**K ALL SITES THAT USE IT

</RANT>

 

A simple browser setting to reject all cookies but the essentials would be very nice, indeed, but for now I'd take a mandatory and easily accessible "Reject All" for all sites.

 

42 minutes ago, porina said:

It should be noted that apparently the EU looked at doing something similar to this in early 2017. Given over 4 years has passed, can we assume it went nowhere, or are the wheels of politics that slow? 

Isn't our current situation, with the pop-ups to set your preferences, because of EU regulations?

It might not be great, but it's something.

[Stahlmann]

Have y'all heard of "i don't care about cookies"? It's a browser extension that does exactly what most people would want to do anyways: Reject all non-essentials. Plus it gets rid of the cookie consent popups. Then also enable cookie auto-deleting when closing your browser (Edge and Firefox have this feature afaik, not sure about other browsers) and you can also be free of all the hassle revolving around cookies.

[porina]

1 hour ago, Rauten said:

Isn't our current situation, with the pop-ups to set your preferences, because of EU regulations?

It may be in part due to earlier EU regulations back when cookies weren't so widely known about. "fix" one thing, break another. Repeat.

 

1 hour ago, Stahlmann said:

Have y'all heard of "i don't care about cookies"? It's a browser extension that does exactly what most people would want to do anyways

I hadn't, but it seems logical someone would come up with something like that. The question I'd have is, how effective is it? I haven't had a chance to dig into it yet, but questions I'd have are how does it work? Similar to an ad blocker? There are sites I visit regularly which I don't want affected negatively. Do I have to whitelist them?

 

Still, it is a patch over the symptoms, and is not a cure in itself.

[Stahlmann]

38 minutes ago, porina said:

I hadn't, but it seems logical someone would come up with something like that. The question I'd have is, how effective is it? I haven't had a chance to dig into it yet, but questions I'd have are how does it work? Similar to an ad blocker? There are sites I visit regularly which I don't want affected negatively. Do I have to whitelist them?

It's effective on 99% of the time from my experience so far. I've been using it a little over a year now and i can't remember the last time i've seen a cookie consent popup. I haven't really thought much about how exactly it works tbh. I have not noticed any issues on any site whatsoever, so a whitelist isn't really needed. It just blocks all optional cookies.

 

And the combination of auto-deleting the essential cookies takes care of cookies from sites you rarely visit. In Edge you can whitelist sites of which you don't want cookies to be deleted. For example i added YouTube and LTT forum to my exception list. Now Edge won't delete their essential cookies which allows me to stay logged in. And all the non-essentials get blocked either way by "i don't care about cookies".

 

The combination of AdBlock Plus and i don't care about cookies is basically what i instantly install in every browser i have to use. Even on my work PC these two were automatically installed by our IT department without any input from me. They're essential for a decent browsing experience imo.

[Vishera]

It's about time to change that,

And it's especially annoying when you have self-deleting cookies set up (me and my privacy tools)

[RejZoR]

What pisses me off are webpages that shit themselves if you block the cookie dialog. Epic Games Store is one of them and some Electrolux webpages for B2B partners also do this crap. So annoying.

[tikker]

Good. While they are at it can they also punish websites for making it extremely cumbersome to deselect the billion options (forcing to do it manually) and making the "reject all" or "save and close" buttons hard to find (grayed out, near the bottom)? I guess it's something that they adhere to having to ask for consent, but not when you are actively punished if you don't.

[Forbidden Wafer]

Meh, force web browsers to drop cookies support and problem solved.

[ARikozuM]

17 hours ago, Bananasplit_00 said:

You mean the already existing "do not track" settings

That works about as well as standing in front of a gun web address thinking God will protect you. Unless "hello_my_child.mpeg" is the webpage you're looking for. 

[Arika]

1 hour ago, Forbidden Wafer said:

Meh, force web browsers to drop non-essential cookies support and problem solved.

need this in there.

 

I really don't want to have to log into every webpage each time i open a new browsing session

[Forbidden Wafer]

3 minutes ago, Arika S said:

need this in there.

 

I really don't want to have to log into every webpage each time i open a new browsing session

Can't the browser log in automatically using saved credentials + preferred account for each site? 

 

Session cookies are super unsafe (e.g. EA hack).

[Arika]

5 minutes ago, Forbidden Wafer said:

Can't the browser log in automatically using saved credentials + preferred account for each site? 

which uses cookies.

[Forbidden Wafer]

24 minutes ago, Arika S said:

which uses cookies.

To keep you logged in, yes.

 

To log you in? Just get the credentials from the password manager, fill the username+password fields (which should be standardized anyways), and click a button/post automatically? Not really.

[Kisai]

19 hours ago, RejZoR said:

They turned cookies into massive cancer. And web admins did it on purpose just to annoy people by making them select individual cookies when disabling and plastering ACCEPT ALL in the front. Cookies should be controlled by browser as a default with simple flags for it. And should be enforced by law, not like that DO NOT TRACK nonsense that no one obeys at all.

No no. This is literately "well if it isn't the consequences of my own actions" situation.

1. Advertisers used cookies

2. People started blocking ads that weren't terribly intrusive

3. Ads got more intrusive

4. EU cookie rules took effect, making it a supreme nightmare for websites to operate in the EU what-so-ever, so they just shoveled the responsibility for cookie management to the advertisers themselves, with a "if you want to keep showing ads, clean the bed you peed in"

5. Legit Advertisers came up with a simple "accept all" to accept the cookies in their favor, of if you really gave a care, you'd look at the popup and select "reject all". Crappy advertisers did nothing and flaunt the rules. Google is somewhere in the middle being not in enough control of third party ads, yet just enough control to enforce this cookie problem.

 

They want you to let them personalize the ads.

 

The problem is that they can't share that data with any other website, so that's why you get the popup on every single website. Blocking the popup means sites like reddit, linustechtips, ebay, amazon, etc DO NOT WORK.

 

And how do we fix this now?

 

Block third party cookies BY DEFAULT. ALWAYS. If a site needs to communicate with another site, let it do it via the backend.

[Kisai]

1 hour ago, Forbidden Wafer said:

Can't the browser log in automatically using saved credentials + preferred account for each site? 

 

Session cookies are super unsafe (e.g. EA hack).

Nope.

 

I'll give you a recent example. Google keeps logging me out of the dozen gmail accounts I need to do one one of my jobs every 2-3 days. The only way I can stay logged in is by logging into CHROME so it retains a persitant connection and then opening a dozen more chrome windows for each gmail account. It will stay logged into the first account perpetually, but all subsequent ones it will still logout of after a few days.

 

What would be the easiest fix? going back to bloody imap-based email clients. 

[RejZoR]

@Kisai

 

"People started blocking ads that weren't terribly intrusive"

 

I guess you're too young to see flashing GIF and Flash ads all over the pages. Also saying shitty ads on Youtube that always jump in your face out of nowhere with triple the volume of video you were watching aren't annoying as f**k, then I'm not sure you're even on the same internet everyone else is.

[LAwLz]

31 minutes ago, RejZoR said:

@Kisai

 

"People started blocking ads that weren't terribly intrusive"

 

I guess you're too young to see flashing GIF and Flash ads all over the pages. Also saying shitty ads on Youtube that always jump in your face out of nowhere with triple the volume of video you were watching aren't annoying as f**k, then I'm not sure you're even on the same internet everyone else is.

Yeah I am not sure who in their right mind thinks that ads weren't intrusive before adblockers. 

 

I can't remember when the first Adblock was released, but it's pretty safe to say that adblocking wasn't common until at least Chrome supported extensions. Firefox had extensions before but I don't think a substantial amount of people used them. 

I know for a fact that the "SAY SOMETHING! WHAT?" and "OH MY GOD! NO WAY!" ads for smiley central existed in at least 2006. Chrome got extension support in late 2009 or early 2010. So about 4 years later. 

 

Annoying ads were a thing long before Adblockers became common. Adblockers were created because of annoying ads, not the other way around.