The reddit mods are little tyrants in my experience. I hope the one's that think they own reddit get booted. Really, some of them are awful people. I wish I were trolling but I'm not. They can try to get their users to follow them somewhere else but it will fail because they are behaving unreasonably and breaking a site we all like, which has never been a big money maker. The mods belong in r/choosingbeggers for acting like it should be free
Reddit has never made a lot of money. AI companies scrapped all their data for free which wasn't fair. So they start charging to support the site. I don't see how reddit owners are in the wrong here. But mods are behaving as expected, like petulant children.
Dude the top AI company, "Open"AI, founded by Sam Altman is a board member of reddit, I'm all for conspiracy but at least get the basics right.
I myself have a conspiracy theory that he is pressuring Reddit to build a moat.
Also disallowing API access does shit, to stop API companies from scraping anyway, because they can still scrape off the site like how search engines do it, so even my conspiracy may only be true to certain extent.
Also mods are volunteers, they keep the community conformant to the sub rules, mods who don't watch their content will lead to comments like "Why is this on this sub", "sub has gone to shit", there are people who genuinely take care of their subreddit. They're kind of unpaid janitors.
Well then, he's acting responsibly by not letting every other AI company have the data for free. I'm not impugning all mods. I appreciate their work. But some let the power go to their heads
If it was just about AI scraping they could have given the third party reader apps a free pass on API fees.
The recorded phone calls from the Apollo developer have reddit agreeing with the dev’s suggestion that it is about the opportunity cost of having users using apps which are not easily monetised by reddit. Which is obvious to everyone so I don’t see why you’re pretending otherwise.
I don't see a lot of difference between reddit apps and AI companies.
Why do you pretend that apps should make money off reddit data without paying for it? Just because they did in the past doesn't mean they have to keep doing it now that everyone has realized it's a valuable commodity.
You are probably very aware that the main issue the app developers have is not about paying for access or not, it's how heavy handed and in short notice the demand for payment from Reddit came.
The 3rd party developers were very clear they were willing to figure out a way to pay for API access, it's just impossible to do it when you have 30 days notice to start being liable for a US$ 20m/year bill...
Could you expand on what's capitalistic about being a dick to 3rd party apps?
As a platform you can monetise that, turning it into wealth, the value is already there. These users prefer the experience of the platform provided by someone else than Reddit. In my mind, if principles of capitalism were in play here, and Reddit is well managed, they would find an efficient way to make money out of value that's already being delivered. Forcing apps to shutdown won't be doing that.
The current move is just a dick move with the potential to make Reddit less valuable than before, I do not understand what principle of capitalism states that this specific brutality is efficient at creating wealth.
You're making it personal, when it's business, not personal.
> users prefer the experience of the platform provided by someone else
Maybe reddit will buy the app that people like so they can monetize it
> Forcing apps to shutdown won't be doing that
Reddit is not forcing apps to shutdown. They are asking them to pay market value for the data
> I do not understand what principle of capitalism states that this specific brutality is efficient at creating wealth.
Reddit data is a commodity whose price is set by buyers and sellers. If your business depends on the price of a commodity being under a certain price and that price goes up and your business fails, that sounds like capitalism to me. Reddit has discovered that the value of their data has gone up with the arrival of AI and are asking people to pay accordingly. If you go out of business then you are among the first casualties of AI, , with many to follow. It's time to rethink your business model.
> You're making it personal, when it's business, not personal.
Spez made it personal, saying that Apollo's developer was extorting Reddit while it was absolutely untrue. This is not business, this is being a dick. It became personal when slander comes into play from the CEO...
> Maybe reddit will buy the app that people like so they can monetize it
Reddit did that with Alien Blue and... Killed the app, simple as that, they bought it with the promise they would integrate the experience that made people prefer Alien Blue to their official app and it didn't happen, Reddit simply killed it. Why do you think they would purchase yet-another-client? You're entering baseless speculation territory.
> Reddit is not forcing apps to shutdown. They are asking them to pay market value for the data
If Reddit wasn't forcing apps to shutdown they would give more than 30 days notice for a massive API change, I know that, I work with public APIs at my employer, serving 10s to 100s of millions of MAU through our API. If there is any change about pricing, formats, anything that would affect our 3rd party integrations we need to prepare with ample time to allow them to migrate.
If Reddit was really trying to monetise their API they'd discuss with the current large users of this API what the path forward looks like, enter into negotiations, Reddit wouldn't want to lose this value that already exists there. What they did is nothing like that, they gave 3rd party developers 30 days notice and after that you can be on the hook for US$ 20 million/year if you are a large enough app... This is not capitalism, this is killing apps because they don't know how to monetise it (or they know and it will take very long for this to show up in their IPO metrics and they want these metrics right now). There are a gazillion ideas on how to actually make those apps become another revenue stream, none of the good ideas include "30 days notice and after that you're on the hook for a massive usage bill".
> Reddit data is a commodity whose price is set by buyers and sellers. If your business depends on the price of a commodity being under a certain price and that price goes up and your business fails, that sounds like capitalism to me. Reddit has discovered that the value of their data has gone up with the arrival of AI and are asking people to pay accordingly. If you go out of business then you are among the first casualties of AI, , with many to follow. It's time to rethink your business model.
This is only true if AI is getting data through APIs, AI is getting data from the public web, from scraping, there are multiple datasources of scraped websites, you can even create your own scraper and go your merry way collecting Reddit's data. It does not explain the pay-to-play move, if I want Reddit's data I don't need their API, it's a website open to the public...
And I'm telling you that because I'm involved with initiatives around that at my employer, the only way that API limiting works against AI is if your data is not available generally in the web (like Facebook's).
What's special about self-awareness? Could it be a trick of the brain?
It's like the story of Jimi Hendrix dropping acid and playing amazingly well. Or, rather Jimi under the influence thought so — until he heard the recordings.
A "magic" trick perhaps? One that can't be explained by anything we currently know about physics? The materialist point of view is becoming increasingly incoherent and I think that's what angers many of them.
It's not the EU's fault that you have to click cookie banners. Those banners are only required if a website plans to do malicious things with the cookies. If they're used to track who's logged in, they are not required.
They are more akin to the "Do not eat" warnings on silica packs... except on the internet everyone swallows.
> It's not the EU's fault that you have to click cookie banners. Those banners are only required if a website plans to do malicious things with the cookies.
I just check some web pages from diffrent organs of the EU:
They all have cookie banners, some of them are super prominent and annoying. So maybe they as well are doing malicious things, maybe they don't understand they own regulation, or it is just impossible to have a non-trivial web page without a cookie banner in 2023. In either case, the regulation is totally dettached from reality and has become just some ritual.
> regulation is totally dettached from reality and has become just some ritual
not completely wrong.
ime in the case of the cookie law, most ppl didn't actually bother to go into details and just took the word on the street and some existing 'solution' and called it a day since everybody was doing it this way and sales/executives were pleased.
fact remains: cookie banner is _not_ necessary for logins and most existing banners are outright illegal since 'no' is not an easily accessible option
They are needed if they do anything with cookies and don’t block EU IP addresses: the laws are quite vague, and interpretation has for been quite broad.
They have no jurisdiction outside the EU, you can let EU IPs in all you want. I'm sick of people acting like they're some world police. Treat them like the children they are, ignore them.
To comply with the regulations governing cookies under the GDPR and the ePrivacy Directive you must:
Receive users’ consent before you use any cookies except strictly necessary cookies.
Provide accurate and specific information about the data each cookie tracks and its purpose in plain language before consent is received.
Document and store consent received from users.
Allow users to access your service even if they refuse to allow the use of certain cookies
Make it as easy for users to withdraw their consent as it was for them to give their consent in the first place.
If you want to save a person's login to make it easier for them to log in when they come back? That's not strictly necessary - consent is needed. If you save settings to a cookie - that's not strictly necessary - consent is needed. And then there's the "using a cookie to track a session to determine page bounce rate - even if it's not Google Analytics" - consent is needed.
And of course, consent is needed if you are using cookies for marketing.
Analytics and marketing tracking cookies require separate consent, that’s correct. I would prefer websites to refrain from attempting such tracking completely.
Great link, thanks. Minor note: appears that you have to use "Remember me - uses cookies". You have to make it clear you are using cookies for these operations.
I don’t think it’s necessary to inform the user about the exact technical means. The law doesn’t care about cookies as a technical mechanism. “Remember me in this browser” may be more adequate to indicate the scope of what is stored.
> If you want to save a person's login to make it easier for them to log in when they come back? That's not strictly necessary - consent is needed.
The consent is implied in login functionality. Literal example from same article you cited but apparently didn't bother to read in full:
> These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookie
Essentially if cookie is effect of user action that would directly indicate it needs storing state (cart, login, stuff like switching themes on page) it is "essential" to that feature and doesn't need consent.
> Preferences cookies — Also known as “functionality cookies,” these cookies allow a website to remember choices you have made in the past, like what language you prefer, what region you would like weather reports for, or what your user name and password are so you can automatically log in.
Remembering username and password is different from remembering a session. You can implement "remember me" functionality just with a checkbox (which implies consent) and by extending the lifetime of the session cookie.
> When people complain about the privacy risks presented by cookies, they are generally speaking about third-party, persistent, marketing cookies.
Nothing is helped or solved by insisting first party "site preferences" cookies need consent. There's obviously room for interpretation in regards to what is a "strictly necessary cookie" when it comes to site preferences, account tokens etc.
I agree, most problem with privacy across the web is the cross-site tracking, and the ability to track a user across their entire browsing activity, not the fact that each website individually knows what the user did on their own website.
Malicious and lazy compliance are known problems with regulations that should be accounted for in advance. California's prop 65 passed in 1986, so by the time the EU was working on the GDPR they had more than 30 years of precedent for useless warning labels stamped on everything until they lose all meaning.
Theoretically websites could choose to do better, but the EU should absolutely have predicted this outcome.
Duh. I also know that governments can and do pay attention to what other governments are doing and observe the effects. It's much better to learn from someone else's mistakes!
This is not the interpretation I've been told. All stored things i.e. cookies, local storage, tracking jpegs etc must be described to the user and have an opt out.
Last time I checked, HN doesn't use tracking cookies and other such nonsense. All I see are session cookies to track my login. That doesn't require any form of popup.
HN being an American company probably violates some section of the GDPR (not having someone labeled as the privacy officer or some other technicality) but I doubt anyone cares. If you feel your privacy is getting violated, you can try contacting your local DPA.
In terms of cookies and data processing, I don't think HN is breaking the law anywhere, unless the privacy policy is full of lies and dang is secretly selling our personal info on the site (he isn't).
You should try working in an international company, on the Europe side, and communicate with the US side.
You'll quickly learn that what the EU does is very very very good for privacy,
I have contacts in a major company and they were shocked at how the US branch operates, they have absolutely no sense of privacy, no anonymisation, no limitation on what is stored or tracked, no consent, &c. they just scrape and store as much as they can for "future use"
There are lots of people, myself included, who are aware of how much data big tech has already cultivated on us and don’t give a damn if at this point BBC or Mike’s Bike Blog get in on the action too. Really we just wanted to read our article and not be interrupted, so we can go back to what matters more: anything not on the computer.
I’ve never felt protected or assisted by the cookie banners, just annoyed and inconvenienced.
Well good things laws aren't based on your feelings. I also hate putting my seatbelt on and I'd like yo enjoy real life instead of spending so much time clicking the damn belt
With the 0.1s it takes to click on a banner I'm sure you're fine. Most people probably visit less than 50 different websites per month, so at most that would be 50s per months, minus the banners you already clicked on, for which your browser already saved your choice (Unless you use incognito, but why would you do that, it's only for people who have something to hide right ? regular people just accept all data collection right ?)
Strong data privacy is good. Dumb side effects that serve no one are not. Cookie banners, or California's "is known to cause cancer" on virtually _everything_ serve no purpose and should be re-designed.
The EU law doesn’t say you must have banners. If your site doesn’t collect information on users, it doesn’t need a banner.
Also the banner, if there is one, must have a 1-Click "reject all" button.
Most sites fail to fully comply, because they want to force (annoy) users into clicking on "leave me alone I don’t care" button to keep selling user data. They make you go to some overly bloated list of things to disable, scroll all the way down to finally "confirm my choices". It’s voluntarily painful and with misleading wording.
These sites want you to believe that all this clunkyness is required by the EU law. It’s not. It’s the good old mislead-into-approval strategy, using dark patterns and blame-the-EU rethoric.
Having been in two car accidents, if I neglected to wear seatbelts, I'd be dead. If I neglected to click Deny on every cookie popup, big tech will have very slightly more data about me. Your equivalence of the two tells me all I need to know about the amount of time you've spent thinking about this topic.
And for the record, if it really takes less than 100ms to read and clear interstitials, I'm more impressed with your button clicking skills than anything. Have you tried Osu?
I’m pretty sure your contact in a major company will be even more shocked if they knew what all these European FinTech companies do with their customer’s data.
All the important things such as purchasing habit that used to require indirect guesses are now directly available in their databases as essential functions.
Thank Google and other adtech for lobbying and fighting to keep tracking legal.
The popups are malicious compliance. They want you to hate the popups, so that you will turn against privacy laws, and fully submit to the unimpeded surveillance business.
And it’s working: people are installing “I don’t care about cookies” extension that agrees to data collection, deanonimization, profiling, and sale of this data.
The complete lack of design standards is what kills the utility.
They should all have 3 buttons: "accept all" or "reject all" or "customize", dead simple. Every time it's a different design, different button text, different options. Usually rejecting = multi layers of options.
A perfect example of good intentions making bad policy.
Even Google has a "reject all" button in their cookie prompt these days. If rejecting takes you through multiple layers, consider reporting the website or their tracking partner to your local DPA.
The ad industry is intentionally making their popups as inconvenient as possible. They childishly point to the EU legislation that they "have" to make your life miserable with those popups but they really don't. They can choose to make your life easier, but that threatens their business model of using you and your browser as a source of revenue.
They can simply stop tracking you at all if you send the do not track header. You wouldn't even see the popups! They can even still serve ads, just not the ones based on the profile they've collected.
- Mandatory for function non-tracking cookies only
- Reject all
There should be a standardised browser accessible interface so browsers can automatically choose the one you want on your behalf based on your browser settings.
We've banned this account for repeatedly breaking the site guidelines and ignoring our many requests to stop. Not cool.
I appreciate your good comments but your frequent disregard for the intended spirit of this place causes more damage than your good comments add goodness, and set an unacceptable example for others.
I have hard time believing it is not intentional. I think Europe could easily enforce consistent UI which could be automated through ad blocker, but now they know that most companies would rather stop serving Europe than not track users for ad.
I doubt "most companies" would want to lose out on one of the biggest economies on our planet. Some have built unsustainable businesses incompatible with privacy though.
I'm using uBlock and Consent-o-matic to remove as much tracking as possible already.
There's already the "do not track" header that noone respects.
micro targeting is a threat to our democracy (cambridge analytica, Facebooks desinformation problem,..). Besides, why should third parties allowed to trade my digital persona, while basically knowing more about my interests and flaws than I am? I hate cookie banner as well but this excessive tracking must be stopped somehow.
Just install a plugin that does that for you, not sure why that would inconvenience anyone. The tools exists out there to make you never see such a popup again, why not use it?
The regulation says nothing about a cookie banner. Instead, it says companies cannot track you unless you give consent.
If you don't like cookie banners, which are indeed really annoying, you should be turning your ire to the companies that wish to track you. They are fully-functional solutions that allow anonymous tracking without installing cookies on your computer - no banner needed then.
I'm a grown up adult and if I wanted to block tracking I could. The fact that I don't should be the only answer needed but that's not good enough for the EU. They want to force companies to ask me because they want to take care of me and make sure I'm all right. You know, I left home at 18 to get away from my parents...
Unless you want to be using tor all day every day, and never make an online purchase or log in on a website ever again, there's really no way to stop companies from tracking you. The only way to make that happen is if a regulatory authority forces them to. That's why the GDPR exists.
Why couldn't that have happened in the browser though? We have plenty of mechanisms to block and/or delete cookies.
Essentially, now we're at a state where consent banners exist, slowing down all sites, and there are like four states: a) they look compliant, but are ignored by the website provider (the EU itself takes this approach), b) they are flat out ignored (a lot of companies still take this approach) c) they aren't compliant (tiny "no" link, huge "yes, take my firstborn" link) d) they're compliant and are paywalls (buy subscription or accept everything under the sun).
d) is what we're probably going to end up with, so you either pay or you accept tracking. More and more solutions offer that as an option so adoption will grow. Most people accept tracking (stats that I've seen say that those paying are like 1/10,000th), so what have we won exactly by doing this dance?
> Why couldn't that have happened in the browser though?
That would require more regulation, by regulating both browsers and websites, and their technical protocol. Instead the EU tried to minimize regulation by not prescribing the exact technical means by which websites would need to obtain consent for tracking from users.
Why would cookie-handling in the browser require websites to be regulated? They can set cookies, your browser reads the request and then decides to store them or not to store them, or to only store them for some amount of time, based on your preferences.
Browsers could already do most of it, and there are far fewer browser manufacturers than website owners, and they have far more resources than the average website owner, and, at least for some of them (all of them except Chrome), the incentives would be aligned. Right now it's "protect the user (and earn less money)", and the results are unsurprising.
The browser can’t distinguish between legitimate “necessary” cookies that don’t require consent and those that do. Hence there would need to be a technical specification of how websites mark cookies that do (or don’t) require consent. Even more importantly, for cookies that do require consent, the user has to be informed about their respective purpose, so that they can make an informed decision about whether they want to accept or reject the cookie. So there would need to be some standardized way for the website to give that information for each cookie, if the browser is to handle acceptance on behalf of the user.
Lastly, cookies aren’t the only way of tracking. Websites can also use local storage, or fingerprinting, and so on, each of which can equally require consent. If the browser consent mechanism is restricted to cookies, websites would have to be mandated to always use a cookie to ask for consent, even when they actually use other means for tracking, and websites would have to explicitly check whether the cookie is stored or not in order to control any other tracking.
The cookie banner is an implementation choice. Companies can already accept the DNT header to stop tracking. I believe Medium does this, it even replaces embeds with click through elements so external scripts can't track you.
However, choosing to respect the users' wishes isn't very profitable. You need to make your ads relevant to the content somehow andtthat requires effort and skills. It's much more profitable to trick people into consenting with tracking so you can sell their information, so the more annoying your cookie popup becomes, the more money you can make. IAB has already been fined for such a popup mechanism.
"Do not track" is not enough to comply with GDPR because you must also be able to request a copy or corrections of your personal information once you have given consent. Then there's the option to allow some companies to track you (say, analytics companies) but not others (say, Google) that needs to be taken into account.
Back in the day, Microsoft's P3P protocol was trying to fix this problem, but nobody used it. DNT headers also aren't really configurable in the browser itself, you can only pick on or off.
A protocol is being developed that may solve this (https://www.dataprotectioncontrol.org/) but I'm sure it won't work until the EU forces company to take such protocols into account. After all, ignoring people's wishes is literally how these ad empires are making money now.
The only thing holding me back from using that extension is
> In most cases, it just blocks or hides cookie related pop-ups. When it's needed for the website to work properly, it will automatically accept the cookie policy for you (sometimes it will accept all and sometimes only necessary cookie categories, depending on what's easier to do).
If there was a way to be assured that 99.9% of the time it hit reject all, instead of accept, I would absolutely use it.
Consent-o-Matic [0] tries to solve this. You could even allow specific sorts of cookies. It will (on most pages [1]) fill out these annoying formes based on the preferences you set.
Note that this extension is owned by Avast, which is known to harvest user data; by installing this extension, you allow Avast to harvest all your browsing data.
I don't understand how this is "good"?
Has your inconvenience been vindicated now that EU is failing to regulate short thing? Is the world somehow closer to fair and balanced now?
I'm suspicious of regulation until a good case is made for it. I'm suspicious of people whose world view is "we must regulate what others do" as their default position. I'm fine with regulation when there is a proven need for it.
Seriously one of the stupidest regulations I've ever seen. It would have been nice if they would have at least had the forethought to enforce regulation on a do not track header.
Neither ePrivacy nor GDPR require cookie consent popups, instead they basically say that tracking requires consent. GDPR only mentions cookies once, in its recitals. It's the adtech industry that decided to ignore DNT.
> Neither ePrivacy nor GDPR require cookie consent popups
Except that it does. The law specifically prohibits any form of consent that is not informed and specific. As a consequence, a user cannot just consent - or disallow - cookies globally. He has to tick a box for every single domain on earth; and can only do so after reading the specific information box associated to said domain.
As a user, saying "I am OK with analytics cookies but not with marketing ones" is not something I am allowed to express or setup. I have to do it for every domain because the law explicitly forbids a global solution to be implemented.
I'm afraid you are wrong for the global disallow button, as informed and specific consent is necessary to allow the processing of personal information, not to forbid it. See the definition in article 4(11), and the definition of the basis in article 6(1)a.
Correct. Cookie banners were required before GDPR. GDPR is the one that makes dealing with EU citizens online a risky enterprise, so the large entrenched players have the advantage.
I know that cookie banners exist since ePrivacy. That's why I mentioned it. But ePrivacy does _not_ mandate them. The adtech industry could have respected the DNT header.
a lot smaller of a demo, plus a fluctuating one at that, as we are slowly going back to offices
i'd imagine they do better tho, since they're more often white collar jobs, full-time jobs, and generally more lucrative than some on-site ones.
hubby hides out in the basement for 7.5 hours Mon-Fri but still brings home six-figures... easy-peasy. And speaking from experience, it means I can be cooking her dinner while on a workbreak a la slowcookers, etc.
> This is a deliberation on our experiences setting up a space that facilitates open and decentralized micro-movements.
> To take note of complexity is to let go of efficiency. When we take into account the intersectionality of approaches, when we look into each nuance more deeply, it’s only then we realise how intricate the threads of reality are
This article must be for acedemics. I can't understand it, probably because I am not in an acedemic in that field
"we set up some radios at various villages, and now we're going to write an article in coded language and buzzwords because what we actually have to say is about a sentence long and doesn't sound deep and meaningful when you say:
doing things with other people slowly lets things get complicated and we don't think this is a bad thing, as it allows some failure occasionally."
I am clearly not the target audience of this article, though, as I find the coded language to get in the way of communication, rather than facilitate it. There might be people who feel a certain way reading those words to whom this might be aimed.
It might also be written by someone who isn't a native English speaker. Most of these sentences are valid, but as you note, the wording is pretty strange, almost like they were written by someone who is choosing words from a dictionary without any knowledge of what sounds "natural".
Paraphrasing: "No one appreciates the hard work that went into my medium blog, which I hope to monetize at some point, and to top it off, anonymous people leave mean comments"
Are you new to the internet?
(the author doesn't read comments so I'm in no danger of offending him)
Yeah, exactly how I felt. They say, “we all know writing a blog is hard, it can take at least an hour”
The quality of blogs varies wildly so this makes no sense. Gwern seems to take a long time to write their blog and do research. Sometimes a blog post is literally a teenagers stream of consciousness. Both are OK, but it really depends on the blog whether I consider writing it both 1) a lot of work 2) valuable to me.
I just found this tone offputting. It was peak wordcell behavior IMO.
Incel terminology is so horrible to try and explain. But yeah, for anyone confused, basically any word can be affixed with -cel (from celibate) and it “works” — e.g., numbercel, wordcel, gymcel, heightcel, narutocel, ycombinatorcel, etc.
Typically these would’ve been used by the incel community to describe why someone is an incel (e.g., “heightcels” supposedly being too short to be attractive and so on). Now, I see the terms being used not only unironically by actual incels but also ironically, usually on the fairly leftist/chapotraphouse-adjacent parts of twitter and such.
Mac enthusiasts just can't accept the fact that people prefer to buy Windows machines over Macs by a wide margin. I used to be one of them, but the closed hardware approach and the "we know best" attitude turned me off long ago.
That said, if I needed a super fast machine to do graphics or video, I'd look seriously at the new chips. I don't need such a machine.
Most people prefer to buy Wintel not because of religious or philosophical reasons of "closed" vs "open". Most people buy Wintel for the simple fact that most of the world aren't rich western countries, when they need computing devices, they buy the cheaper ones, which are Wintel.
For "computer enthusiasts", all they care about is games. If macOS could play the full Steam catalog, they would all flock to the Mac.
