this post was submitted on 17 Jan 2024
1117 points (97.1% liked)
Mildly Infuriating
35438 readers
721 users here now
Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.
I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!
It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.
Rules:
1. Be Respectful
Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.
Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.
...
2. No Illegal Content
Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.
That means: -No promoting violence/threats against any individuals
-No CSA content or Revenge Porn
-No sharing private/personal information (Doxxing)
...
3. No Spam
Posting the same post, no matter the intent is against the rules.
-If you have posted content, please refrain from re-posting said content within this community.
-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.
-No posting Scams/Advertisements/Phishing Links/IP Grabbers
-No Bots, Bots will be banned from the community.
...
4. No Porn/Explicit
Content
-Do not post explicit content. Lemmy.World is not the instance for NSFW content.
-Do not post Gore or Shock Content.
...
5. No Enciting Harassment,
Brigading, Doxxing or Witch Hunts
-Do not Brigade other Communities
-No calls to action against other communities/users within Lemmy or outside of Lemmy.
-No Witch Hunts against users/communities.
-No content that harasses members within or outside of the community.
...
6. NSFW should be behind NSFW tags.
-Content that is NSFW should be behind NSFW tags.
-Content that might be distressing should be kept behind NSFW tags.
...
7. Content should match the theme of this community.
-Content should be Mildly infuriating.
-At this time we permit content that is infuriating until an infuriating community is made available.
...
8. Reposting of Reddit content is permitted, try to credit the OC.
-Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.
...
...
Also check out:
Partnered Communities:
Reach out to LillianVS for inclusion on the sidebar.
All communities included on the sidebar are to be made in compliance with the instance rules.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Heh, we had this problem with a work product a month ago. it's the suppress cookie popups feature.
Legislation in some areas requires people to opt in to cookies, but add blockers block the banner pop, so from a legal compliance standard they're not in compliance even though it's something the users are doing.
The cookie blockers automatically decline cookie consent with the minimum possible cookies.
If your site is GDPR compliant it must respect the consent triggers by the extension as the consent is identical to if a human user correctly filled out the cookie form to acknowledge only the minimum required cookies.
CNN in the OP is just gaslighting the user here.
That's assuming the extension manages to hit your trigger correctly. They did not make the js call, just blocked the div. Oddly, they left our full page control block in place. We had to modify our triggers to make it work.
Is the trigger a js event, or an api call, or what?
We had a form button on a div slide in with a 30% dimmed background div behind it. The button just did a JS call to trigger to safe cookies or not and unblock the back div.
The browsers were just unblocking the banner div on us they weren't making the button call. I'm sure they do something very smart to try to figure out how to automatically click okay or cancel, somehow it just didn't line up with what we had written.
Genuine blockers do that, but some anti-nag filters remove the popup via css or js suppression.
I'm using the consent-o-matic Firefox plugin (set to deny all) and have no issues whatsoever using CNN on mobile.
Thanks I'll check it out
How would blocking the pop-up be violating the law, though? If the pop-up doesn't show, you're not able to agree to cookies. You don't provide your explicit consent, therefore the website must assume you don't want to be tracked. The presence of the pop-up shouldn't be changing anything for people not willing to opt in, should it?
Or perhaps they're self-aware and have set it up to only opt you out by filling out the form, which you can't do if it isn't there. Or they just want you to agree to those "required" cookies? I don't know.
Blocking the pop-up isn't violating the law. Nevertheless we needed the cookie for the login. If we didn't get you to authorize the cookie you really had no business in the app because it would not work for you. It was a bad design but it was third party.
But we couldn't even pop that up because the browsers just tried to slide by any notifications about cookies
First-party cookies that are needed for site functionality (like a login cookie) dont require explicit consent.
Feel free to proceed without a cookie banner.
From gdpr.eu:
It took me so long to figure out what you meant about accounts and stuff until I remembered you were talking about your own product. I get it now. Do you think it's a similar situation here, where the site is reliant on these third-party cookies to function at all?
They literally explained. Some jurisdictions require them to ask you about cookies but the way some people configure their browser blocks this legally required prompt, potentially exposing them to legal action.
The cookie popup is only required if you're serving cookies. If the user is unable to accept/reject, or chooses not to, the correct action is to not serve any cookies to stay compliant with the law.
It is obvious that you should not serve a single cookie until after the user has accepted it. Unless you're intentionally being an ass of course
Narrator: They are intentionally being an ass.
Horseshit. The legislation does not just require that they "ask."
If the pop-up can't be served, all it means is that they can't use the cookies or tracking restricted by the legislation. If the user did not consent for any reason, then they did not consent. This includes if the pop-up is not displayed for whatever reason. It's not the user's fault CNN is too stupid to understand this. If they don't serve illegal cookies or perform illegal tracking, then they don't have to ask. It's pretty damn simple.
In reality, they're just using this to try to prevent people from using an ad blocker on their site, and making up a rationalization post-hoc.
Is that actually true or is that just their legal team playing it overly safe? Because if it is true that's incredibly stupid.
Not just the legal team. Every time there's new legislation like this, a new set of contractors pop up offering to walk your company through what it needs to do to be compliant. Nobody is quite sure what the limits are--and nobody will for several years until court precedents work out the issues--so those contractors are going to tell you to assume the worst case interpretation.
PCI Compliance (technically a contractual obligation rather than legal), Sarbanes-Oxley, and GDPR were good things, but all of them spawned a sub-industry of grifters.
Is it even the legal team though? This just feels like someone playing malicious compliance.
It sounds like legal teams playing it safe. Who would go to court over such a thing?
The California stuff still has yet to play out in courts but the European law covering it was actually pretty significant. And it was enough of a pain in the ass that they recently said they're going to repeal it.
Repeal the EU law? I've heard that they were going to tweak it, but that usually means they'll tighten it, like when they clarified you can't make a cookie banner with thousands of individual opt-out switches.