That doesn't prevent dark UI patterns to highlight "Accept" and hide "Reject" as much as possible, or not having a "Reject all" button. Some sites deliberately make you manually click on "Reject" for each "ad partner", at which point I bail out or disable JS or scrape the text if I'm really interested in the content.
The web of 2020 has become a hostile and ad infested place. I miss the simplicity of the 90s, but it might be nostalgia bias.
To be fair the web of the early 2000s was full of ads too. I remember a time when people still used Yahoo as their homepage which was basically just a giant ad delivery platform with even more invasive ads than we have today. That's not to say that today is much better. It seems like most sites today try to walk the line between ad revenue and user retention.
The new dark pattern is to default everything off, but then have a separate switch labelled "legitimate reasons", which are all turned on for default.
For example https://www.telegraph.co.uk/ (right wing UK newspaper). In the pop-up it says "You can also review where our partners claim a legitimate interest to use your data and, should you wish, object to them doing so.".
If you click manage it opens with "user consent" selected, where everything is turned off. Click save means they're not going to start tracking you, right?
Wrong, if you switch to "legitimate purpose", you'll see that everything is turned on. All those ad companies claim they have a legitimate purpose to be tracking you, even though you have zero business relationship with them.
Unless the ICO hands out some very heavy fines to those companies, the whole thing's become a farce, just like the cookie law was.
(PDF) Irish DPA's sweep of thirty-odd websites under its jurisdiction. Lots of good guidance here, but for the point specifically under discussion, ctrl+f "nudge." https://www.dataprotection.ie/sites/default/files/uploads/20... by the DPC on the use of cookies and other tracking technologies.pdf
Filed bankruptcy? No problem. Just make the credit companies forget about it!
After moving from the US to the EU, I've thought about trying to use that right on my credit history in the US. I don't think it would work, but it would be entertaining if they even responded.
The right to erasure does not apply if processing is necessary for one of the following reasons:
to exercise the right of freedom of expression and information;
to comply with a legal obligation;
for the performance of a task carried out in the public interest or in the exercise of official authority;
for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing; or
for the establishment, exercise or defence of legal claims.
The GDPR also specifies two circumstances where the right to erasure will not apply to special category data:
if the processing is necessary for public health purposes in the public interest (eg protecting against serious cross-border threats to health, or ensuring high standards of quality and safety of health care and of medicinal products or medical devices); or
if the processing is necessary for the purposes of preventative or occupational medicine; for the working capacity of an employee; for medical diagnosis; for the provision of health or social care; or for the management of health or social care systems or services.
For more information about special categories of data please see our Guide to the GDPR.
a) the cookies are necessary for technical reasons. This means you don't need to ask for permission
b) the cookies are for marketing, which means you must be able to decline without consequences
Half of the banners do neither of these things and are thus either unnecessary or insufficient.