Comment by 8organicbits
2 months ago
I wonder how many people provide consent through these banners. Is it frequent enough to be worth the terrible user experience?
I know some sites use dark patterns in their cookie banners, which I consider to be a helpful hint that the company doesn't respect the users.
Considering that for most banners the "consent" is the easy option I assume a lot. People want to get rid of the banners.
However I claim the point of the bad UX is to make users angry and then have them complain about EU etc. "demanding" those. In order to weaken the regulation of tracking. If they are successful (and they are making progress) "no more cookie banners" is a lot better headlines than "more tracking"
The failure of the EU was to not write into (an updated version of the law) that setting a specific HTTP header means "no", and "no" means "no" not "show me a popup to ask" (i.e. showing a popup in such cases would not be allowed).
It wouldn't matter because most of the consent flows you see are already not compliant. The problem is a perpetual lack of enforcement even for the blatant breaches. An HTTP header wouldn't change the situation, websites would still ignore it and still get away with it.
2 replies →
Those are technically in violation of the GDPR since the opt out is required to be just as easy as the opt in.
No, they're directly in violation. This is fully settled; it's just that some companies are counting on it not being "the thing that gets an enforcement action".
How is ease of opt out versus opt in objectively measured?
Most of the time both options are presented clearly and within a few pixels from each other, but opt-in is usually slightly more eye catching and/or more appealing. But the effort in terms of distance for mouse movement or number of clicks is the same. While that’s a design trick that will improve % of opt-in, how can it be argued that the opt-out was not as “easy”?
2 replies →
In recent pop-ups, you are technically opted out by default(or at least that is how it is presented, I have not actually checked their cookie activity).
It is two clicks to confirm that choice and dismiss the pop-up versus one to accept all cookies but if you choose to interact with the site and ignore the pop-up instead, you are supposedly non-essential cookie free by default.
Then how is it some websites (I think the one I'm thinking of is The Sun or The Mirror) paywall the decline option? Presumably this is just illegal?
Except there are plenty of websites that are: accept cookies (yes) (no - you must pay), which is an extreme breach of GDPR.
But GDPR is toothless and ill thought out.
1 reply →
I have been on a call with a CMP where they got mad at me for not resetting our user's preferences and because our 'do not accept' was high due to the fact i refused to de-promote it via a dark pattern. I kid you not.
fwiw; looking at our stats for the past year: No consent: 40.8% Full Consent: 31% Just closed the damn window: 28.1% Went through the nightmare selector: 0.07%
~1.5M impressions from GDPR areas
Most of the sites use dark patterns in the banners, from not presenting decline option to hiding and renaming it to be unrecognizable. For example I make an effort in always picking Decline All option if available and the practice shows that I click on Allow All in about 20-30% of all banners, because it was impossible to avoid. So I safely assume that general population clicks Allow All even more.
From what I understood—but I think it's been added more recently—declining all optional cookies must be as easy as accepting all cookies.
Exactly, it is defined in the GDPR law that declining should be as easy and accessible as accepting. So all of those companies with dark patterns are breaking the law.
It's always those awful websites with a million popups, adverts, sites that reflow after 10 seconds, etc. They would be horrible to use even without the cookie banners.