Comment by maccard
5 hours ago
> This is such a tired HN cliche response and it comes up as a negative whenever people mention things that actually improve users privacy, even ad blockers.
We’re talking about regulation here. Some things (like ad blockers) are a unanimous win for privacy but have nothing to do with regulation.
> If some website is breaking GDPR regulations, sure, you might get somehow fingerprinted.
The ePrivacy Directive (cookie law) has nothing to do with GDPR. The directive only deals with cookies, and informed consent for the cookies. If the goal is to improve privacy it’s a failure because it doesn’t touch any of the other numerous ways that tracking happens. If it’s to improve how websites handle cookies then it’s succeeded there I guess, but to what end?
GDPR on the other hand is a better attempt. It’s not perfect but it actually gets to the heart of it. GDPR changed behaviours, the cookie law slapped a banner in front of half the western world and continued as things were.
Most of this reply has nothing to do with mine.
Your post that I replied to was about fingerprinting caused by DNT.
This has nothing to do with ePrivacy. Websites don't get to "follow one regulation but not another", so if you fingerprint someone and create an ID that can identify someone, that's PII. If you don't get consent, you're breaking GDPR, period, regardless of following ePrivacy or not.
Once again: the DNT header is only an issue for fingerprinting and side-channels on website that DON'T follow GDPR.
I mentioned ad blocking because anti-ad-blocking posts here also mention the same concern about "ad blocking helping fingerprinting".