Why won’t you let them protect your privacy???
To be fair, I can actually sort-of see a specific point here:
They are legally required to offer you that cookie choice. If you block that choice, are they in violation of the law even if they cannot apply cookies? Just because their site does implement tech for it (even though you’re blocking it, but the law cannot know that) and they cannot show you the popup allowing you to reject the tech (since you’re blocking it)?
Weird thing. Doubt there’d be a clear answer without someone dragging someone else in front of a court for it, plus that’s of course not why CNN is blocking us here, but it’s an interesting thought whether they are even allowed to let you on if they cannot present you with the GDPR choice.
Yeah. GDPR should have been implemented as a mandatory part of HTML or even HTTP that interacts with a builtin browser feature. Let the user make the choice once, in the browser, and let the browser tell the visited site what’s allowed. Statutory compliance would mean something like
- browser detects and warns about cookies which do not appear to be in compliance with user’s preferences (optionally: browser can block cookies which do not appear to be in compliance)
- browser detects sites which do not implement the spec at all, and warns the user about that
- regulatory body checks for compliance on any site with over X number of users
- regulatory body checks major browsers for compliance
- any combination or all of the above
Sounds like do not track +
Yeah. GDPR should have been implemented as a mandatory part of HTML or even HTTP that interacts with a builtin browser feature.
Well, it kind of is. The Do Not Track header has recently seen a court win in Germany (source):
It turned out that the judge agreed with vzbv, ruling that the social media giant is no longer allowed to warn users it doesn’t respect DNT signals. That’s because, under GDPR, the right to opt out of web tracking and data collection can also be exercised using automated procedures.
And it is basically the same in California too Source
GPC is a valid do-not-sell-my-personal-information signal according to the California Consumer Privacy Act (CCPA), which stipulates that websites are legally required to respect a signal sent by users who want to opt-out of having their personal data sold.
Damn, that’s amazing!
They should just treat it as declined every necessary cookie and move on
It’s already supposed to be decline-by-default in this case (IIRC under GDPR)
Then why can over 100,000 other sites show their cookie banners as required by GDPR while Firefox + unlock origin is active, but somehow one of the largest media companies in America “just can’t do it” without disabling your ad-blocker?
If they really couldn’t do it, they would do like Home Depot did and block anyone in europe from accessing their site.
This is not about GDPR at all! This is exclusively about forcing you to disable your ad-blocker so they can make more money from offering a bad browsing experience.
unlock origin
Exactly, it works fine with third-party scripts blocked.
INVADING YOUR PRIVACY IS REQUIRED TO PROTECT YOUR PRIVACY
LET US IN!!!
"We’re tracking you for your privacy 🙄
In this case no not really.
The cookie you might be using is going to be storage that’s going to contain your preferences. Assuming they actually applied by the regulations they claim to then that cookie actually won’t be used to track you it will simply be used for the intended purpose of cookies in the first place.
Not that I agree with their approach but but they are essentially saying here is that since there is no way to save your privacy preferences they are not in compliance with the law by ensuring that you have set your privacy preferences. Which it’s kind of bullshit, dick move on their part.
It’s the most ironic part of GDPR. To avoid annoying the user, you have to set a cookie to remember that they don’t want you using cookies.
We should’ve encouraged everyone to re-implement the “DNT” request header, or something similar. Much simpler for the site owners/devs, much more convenient for end-users.
In EU law you do not have to ask for consent about storing preferences. Just for processing personal data, including IP address. So if they would not process personal data, everything would be fine.
The gdpr isn’t about cookies, it’s about tracking. Yes you should remember not to track if the user said so. Nothing ironic here.
“Protect your privacy” is literally why we use uBO…
“Protect your privacy from us”
you blocked the stuff we need to protect your privacy
holy shit fuck you you lying fuck
They could be telling the truth… It’s possible that OP is in Europe and the ad blocker is blocking a GDPR cookie consent notice.
The message explicitly mentions EasyList Cookie, which is described like this on https://easylist.to/:
EasyList Cookie List blocks cookies banners, GDPR overlay windows and other privacy-related notices.
Edit: I’m not agreeing with what they’re doing. I’m just saying that the message may be accurate. Having said that, maybe blocking a cookie banner should count as an opt-out, so they shouldn’t show this notice and instead just automatically reject the cookies. I’m not sure if the law is clear around this, though.
If you want to opt-out of tracking cookies, consent-o-matic will likely work better. It automatically clicks the right buttons in the consent notice for you.
Edit 2: The law seems unclear about what to do if the consent notice is blocked by the viewer’s browser (and thus they can neither accept nor reject cookies), so maybe blocking access to the site is likely the safest approach for them to take.
Imagining a returning user who previously consented. If non essential cookies changed since their last visit, that user needs to consent again. But in scenario, just auto opt them out? I’m weirdly on the fence between this might be a reasonable block or a violation of GDPR for denying access to users who do not provide consent.
I’m weirdly on the fence
Yeah I’m not quite sure either. I don’t think the people that wrote the cookie consent laws considered the fact that users may block or otherwise break the mechanism that sites use to show the consent prompt…
I’ve had it happen to me for a week or two now. US based. I always just figure if a site doesn’t work with my blockers, then I really don’t need to see it.
The law is done dumb. They should update it to say “the banner must always have a “reject all” button which rejects everything (including the legitimate interest) on it and it must not be hidden inside any further clicks”
I’m sick of having to search for that button under two sub menus or having to uncheck 20 check boxes. And what the hell is even “legitimate interest”? There’s nothing legitimate about any tracking at all. This phrase really offends me every time I read it.
The EU already updated it. Websites slowly follow to comply
No one has mentioned the good version of that site, https://lite.cnn.com – no ads, no bloat, works fine with UBO.
TIL!
and it’s mobile-friendly and distraction-free too
Thank you for this. Wow, such an improvement!
That’s amazing!
Oh my god, YES
This is awesome. I’m wondering if other companies have similar versions of their site.
Try text.npr.org. I think there a few more but that’s the one I remember.
CNN: We can’t ask if you want to allow cookies because you’re blocking everything
Me: Which means I don’t want you to……….?
CNN: No idea, we have to ask you.
Me: I’m so strict you can’t even ask meaning………?
CNN: You….
Me: Yes?
CNN: Uh………… don’t want……
Me: Yesssss………
CNN: To miss out on us asking you.
Hello! Would you like to destroy some evil today?
Yes, PLEASE press A a few times on this monster!
A
Thos but unironically. GDPR
GDPR doesn’t require them to ask if they would just not violate our privacy. In other words, it’s perfectly legal to assume “no” if they have no means of asking.
It’s not only legal to assume, it’s a requirement to default to “no”.
Tracking is opt-in.Indeed. If a site simply doesn’t send you cookies, there’s no question of GDPR compliance. Blocking the cookies amounts to the same thing.
I’m currently wondering if CNN may actually be in violation by doing this.
The requirement to not track users with cookies does not extend to cookies that make the site work in the first place, such as those which track your login session, or your refusal of other cookies.
so don’t track login sessions, etc.
no cookies, no problem with not having asked for cookie consent.
if the site breaks, it breaks, and leaving it broken is a choice users can make.
I just opened CNN on firefox with unblock origin on both mobile and desktop without issue.
I wonder if it has to do with the region you try to load it from. The message in the screenshot seems to indicate that it might.
could be that there’s been an update to the filters to deal with this issue?
seconded the success.
I can open CNN too, but once i click on an article I get the page OP has…
I viewed 3 articles, no issue. Cleared cookies & site data before hand to be sure I hadn’t already allowed them at some point.
I can confirm this behaviour, Fennec on Android with uBlock Origin.
Clicking the article works fine for me.
Are you in a GDPR protected area?
US, so probably not.
Windows/android?
I’m not experiencing any of this, but my setup is insane at this point. Ublock origin with a custom bypass paywalls filter list and noscript enabled… no ads… no blocks… Just content. Using mull on android with mullvad DNS.
Same, works fine. But I don’t block cookie popups, I have consentomatic handle them instead, plus Firefox is getting that built-in, anyways.
What if you refresh the page?
You think they might have updated something in response to backlash…? I had thirty-five blocked elements with Firefox and UBO. Fuck CNN…
Honestly CNN isn’t great and this screen is just a reminder to go somewhere else.
I just hope this isn’t a trend.
Sadly, it is a trend.
They’re doing you a favor
if you’re in the us, just donate to your local pbs or npr station and watch newshour/pbs world.
Aren’t taxes funding those?
Taxes only pay for part of it and it keeps getting funding cut over the years
Something like 15% comes from the federal government, 13% from state government, and 3% from local government. Roughly a third from the government in total:
https://pbsfoundation.bento-live.pbs.org/foundation/areas-of-focus/sustaining-pbs/
I agree with you but DW News is superior
I had that with “I don’t care about cookies” add-on.
I disabled it and then it blocked me for being from Europe. 🤷♂️
serves you right, you filthy European! /s
why comply with reasonable European laws when you can just make a malicious site and block European connections
I block CNN by not visiting their website.
The only CNN worth anything is CNN International, and that still works fine with all ad blockers raised. But even CNN International started pulling the same stunt, it’s not remotely good enough that I would miss it either.
CNN’s docuseries are actually incredible, but they air on Max anyway.
required components that protect your privacy
Talk about doublespeak. Double-plus-good, eh?
Well, guess we won’t visit CNN anymore 🤷
https://archive.is always has a backup of the current page. I stopped using CNN a few weeks ago.