• TheEntity@kbin.social
      link
      fedilink
      arrow-up
      40
      arrow-down
      1
      ·
      10 months ago

      GDPR doesn’t require them to ask if they would just not violate our privacy. In other words, it’s perfectly legal to assume “no” if they have no means of asking.

      • sanpo@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        22
        ·
        10 months ago

        It’s not only legal to assume, it’s a requirement to default to “no”.
        Tracking is opt-in.

      • xantoxis@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        ·
        10 months ago

        Indeed. If a site simply doesn’t send you cookies, there’s no question of GDPR compliance. Blocking the cookies amounts to the same thing.

        I’m currently wondering if CNN may actually be in violation by doing this.

    • FishFace@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      10 months ago

      The requirement to not track users with cookies does not extend to cookies that make the site work in the first place, such as those which track your login session, or your refusal of other cookies.

      • Delta_V@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        so don’t track login sessions, etc.

        no cookies, no problem with not having asked for cookie consent.

        if the site breaks, it breaks, and leaving it broken is a choice users can make.