Does the GDPR define what the default behavior should be when the user refuses to specify? Does it vary by site? Is it like clicking either “Accept all” or “Reject all”?
You must log in or register to comment.
Try Consent-O-Matic if you’re tired of doing it manually for each website
Legally, the user has NOT allowed ANY cookies then. (The law still allows the technically needed ones)
But in practice, it is not easy to find out what a website does.
I have a question, it’s maybe stupid but still:
Aren’t cookies, like, files on your device?? Can’t you just forbid websites to write anything to disk??
Legally, you are right.
Technically, browsers do not offer all settings that you can dream of.
and in practice, if you want a website not to recognize you from one place to the next, you need to make it TECHNICALLY impossible for them to do that (depending on severity: private browsing, IP changing, Tor), not just legally declare you don’t want them to
Install privacy possom and be done with it I say. You can set it to auto reject those popups
What happens when I ignore the cookie preference dialogue on websites?
You get stuck with the leftovers; which is usually the maple flavour or those really really dry shortbread cookies that feel like dust in your mouth. And you’re not allowed a drink of milk to wash it down.
It helps to get in line early for your cookie preferences.
What? … Wrong cookies?
Sorry about that. I stand by what I said however.
There is no reject all in GDPR, because functional cookies are still allowed. So the default behaviour is only functional cookies are allowed.
Edit: Companies have been fined for making cookie options too complicated, under GDPR all other cookies are opt-in. This is what a banner should look like:
So if I open the cookies settings and deselect all that can be deselected, is it the same as necessary cookies only?
Correct, if you want to live cookieless on the internet you have to disable them in browser. But as others have said, this will break the majority of websites.
Functional cookies can never be used for identifiable information, only to ensure the functionality of the website.
What functionality do they ensure? I understand web games and webapps, but like any website now has cookies
There’s many reasons, site specific settings like selecting a language or if a certain popup message been dismissed by the user so it’s not shown again. Sorting settings, dark/light mode or what stage of the signup process the user is at.
Altough I agree many aren’t a necessity and could be eliminated by better software design.
Any way i can report a website for violating this rule because I see it constantly everywhere and it seems to have no consequences.
GDPR infringements are categorized by severity and impact to its users, but also by the yearly turnover by said company. Meaning cookie banners by smaller companies are low priority.
You could try contacting the relevant Data Protection Authority from your country or the providers country.
Good to know that’s the default. I do definitely see prompts that have “Reject all”, plus some banners that only have “Accept all” and “Cookie settings”, with “Reject all” or “Necessary cookies only” only visible in the cookie settings. Thanks.
they shove all their “special” cookies up your computer’s ass and it gets super stoned and forgets it’s not supposed to tell you about how they’ve already taken over the world.
legally as mentioned elsewhere, it’s supposed to treat it as a rejection, except for “necessary” cookies. but, eh… I’m not sure I would trust that. if there’s a website you’re concerned pushing cookies, use firefox’s private window mode. (I wouldn’t trust chrome to not just pretend like incognito actually did something. while it really does nothing.) all cookies are sandboxed, and deleted after you close the browser.
