Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> because lazy web developers did not implement it right

No, because the legislators fundamentally misunderstood cookies. Almost any website needs to have some basic tracking of users for fraud detection, bot detection, and yes, basic analytics.

Instead of writing out a thoughtful approach, we get a mandatory nag screen right up there with "This product is known to cause cancer in the state of California" on anything sold ever. Users ignore them because the information isn't useful - infinite noise, no signal.

This is the opposite of the CAN SPAM law which did have thoughtful requirements - allowing exceptions for account related emails, requiring one-click unsubscribe but also giving systems a period to obey that to handle mail already in transit.

GDPR has so far been grossly in the cookie nag screen category, except instead of a tiny bar on visiting a page I get a multi-select based dialog of doom. The answer most companies are going to take is simply not market services to folks in the EU, and those that do will implement annoying nag screens.

More rules blindly applied rarely solves problems.



Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: