the angle of wasted productivity on the end-user's side seems ridiculous. If anything, count wasted resources in implementation for little gain for the end-user.
Also:
"Assuming it takes an average of 5 seconds per interaction with a cookie banner".
People don't spend 5 seconds clicking accept. They start reading their website, notice the banner in their periphery shortly after, and click it to go away.
If websites respected Do Not Track then things would be a lot easier. I think we need a right to be listened to. Right now it's enough online to insist on only accepting information in one particular way, like having a noreply email and making people login and submit since shitty web form to respond. Putting your hands over your ears and tape over your mail slot doesn't work in real life, it shouldn't work on the web either.
The whole thing is a colossal waste too, it was a law written by people who don't understand tech for special interest groups who don't want to actually make things better.
If you don't want a website doing something on your computer, you start with the browser, not the website.
People blame the cookie banners themselves or the legislation that "made them necessary" but somehow never seem to blame the web companies for doing the naughty things on their websites that make them subject to the law.
The "cookie banner problem" exists because it's primarily end users that are shouldering the burden of them, and not the companies. For the company, it's a one time JIRA ticket for a junior software engineer to code up a banner. For everyone else, it's thousands of wasted seconds per year. Make the law hit companies where it hurts: their balance sheets.
Why should websites even be trusted with implementing these banners in the first place? Browser vendors should be responsible for implementing these controls per-origin. Give a little banner pop-up built into Chrome, Firefox, Safari, and the rest. Have it display every time a new site sets a cookie for the first time. Or have it reject every cookie by default, unless I whitelist a site. This would result in a consistent user-experience across the board, and I'd actually be able to trust that I'm not being tracked.
Instead, we are trusting the very websites we are blaming on tracking us in the most decietful, malicious ways possible to self-regulate and implement these controls. So now every website gets a shitty banner - on top of all the other annoying in-page banners and popups which are a staple of 2020s web design - that asks us if we want cookies. All these banners look different, are positioned differently on the page, appear at different times after the page is loaded, and function differently. So there's no consistency. And 90% of the time you can't disable all the cookies anyway, because there's that little grayed out toggle control for "strictly necessary cookies." How do I know one of those cookies you consider "strictly-necessary" or "crucial for site functionality" doesn't connect back to some evil tracking algorithm, the blocking of which was the whole point of this banner debacle in the first place?
So we have essentially asked websites to self-regulate the way the US's vitamin/supplement industury does, except its worse because I don't have to click a fucking banner before I take a capsule of what may or may not be vitamin C.
So again, why isn't this the responsibility of browser vendors? Am I taking crazy pills? Am I going insane or is the world going insane?
I am about as far from Europe as you can get, and I think my fellow kiwis also spent an inordinate about of time clicking EU mandated cookie banners.
Cookies should be enforced in the browser. I think all the major browsers block third party cookies now. Bad actors can use other fingerprints to do tracking.
There's a more insidious effect of cookie banners, which is that they make it annoying to follow external links, especially to websites that you haven't visited before. This disadvantages websites built for external links, like HN.
I would like to present my opinion that this amount of time is spent dealing with website malicious compliance with EU rules. And it is in general asking people to get tracked and present them with personalized track or share/sell the data to their partners. All of these does not happen and you don't have to do that if you don't track and collect information about your users. Well there are some genuine websites that needs that but I am talking about the general case.
The internet is broken and I don't think it's only in the EU. In the last years I found myself just avoiding using websites I'm not familiar with or confident they're not filled with ads and trackers, I've set-up some aggregators and custom readers to find and get the information I'm interested in. If I open a page that has the cookie banner that blocks me from reading the content or forces me to agree I just close it, it wouldn't have been that important anyway.
I know that I'm in the minority, especially here, but I generally welcome paying with my data. it seems to me that companies need to generate revenue and they do this by extracting something of value from the user and that this thing by definition almost would be something the user isn't happy to just hand over: money, watching ads, electricity for mining crypto, personal data etc. It's some form of payment.
for me personally out of all these options giving my data is my least painful payment option for one off services.
Because I use fresh incognito mode for each browsing session, I have to click through those consent popups on every website I visit. Quite frustrating to say the least.
> This situation calls for an urgent revision of the ePrivacy Directive
Shame companies cannot live without tracking cookies, and shame that the blame somehow end up on the regulation, rather than the companies who are the ones who introduce this cookie banner and "massive productivity loss".
You know the best way of not having to put up cookie banners on your website? Don't store PII in cookies. You know the best way of not having to care about GDPR? Don't store PII.
"All" the EU needs to do is to mandate adherence to the Do Not Track setting in browsers, but then vast swathes of businesses based on unwanted and unethical tracking would go bust, so we have this really shitty stalemate.
All websites we build adhere to the Do Not Track setting and don't even show a cookie banner if it's set. The only question is whether we should show a message to say that we're not tracking people because we see they've asked us not to! It's possibly a bit easier for us because we work primarily in the non-profit sector where ethics are perhaps a little higher up the agenda.
> actively tracking a user beyond their visit to a website is difficult or borderline impossible for website owners, as it would require a court order.
I am skeptical of this claim. Partially due to the existence of trackers, beacons, 3rd party cookies and fingerprinting methods.
> Identifying users typically requires a court order to process IP addresses
This destroyed the world wide web, which was the major driver of the internet as a consumer application. I'm referring to the experience of intelligent & creative publishers sharing content openly on the web. This did far more to destroy the world wide web than ads or tracking
I can't believe any of this made a difference in privacy. There is ZERO chance that the law can be enforced here. I've worked in few startups in Europe, no one understand their obligation, let alone the consequences from third party services.
This whole cookie banners, and GDPR in general, is as good as literature.
These calculations read like an episode of Silicon Valley.
Sure the banners are a stupid idea and a little annoying, but these figures have no merit. There's no way 500m hours of productivity are going to materialize from removing the banners. Removing 'please subscribe' popups, and other ads, now that's altogether different...
Analysis of economic and productivity losses caused by Youtube ads in <world>.
<S>OMFG!!! YOUTUBE IS COSTING THE WORLD *750B EUR* PER YEAR. </S>
How many hours of productivity are lost to Youtube ads?
2.49 billion active users, average seems to be 29 hours per month, reddit reports 4 ads/10 minutes lately - so 24 ads/hour, 5 seconds each (even though that went up!), so 2mins of ads/hour or 1 hour of ads per month, 12 hours of ads per year!
12 hours * 25 Eur/hour * 2.5B = 750B Eur
(probably made some mistakes)
Also, this article is ridiculous - like assuming all 400M European internet users are "productive" at 25Eur/h (30% are probably < 15 or > 65), people clicking 1200 banners per year because they visit 100 sites/month (12*100, right?!) and so on.
I don't even have the words to express how little I care if companies serve me targeted ads with cookies. On the other hand I absolutely despise what the average visit to website with a cookie banner has become.
This is an example of the potential double-edged sword of passing legislation without input from lobbyists. On one hand, without an industry voice, they passed an amazingly ambitious set of protections. On the other hand, it doesn't seem like there was a technical industry expert who warned them of the implications.
(I say that, but the EU bureaucrats that passed this law may actually see the immense numbers of popups as a win still - who knows).
A revision is patently obvious to seemingly everyone - revise the law to instead mandate that websites respect the Do Not Track header, or at least have designed a more granular replacement. There's no reason you shouldn't just be able to set it once and your browser tracks it for you.
Analysis of economic and productivity losses caused by cookie banners in Europe
(legiscope.com)176 points by vegasbrianc 4 hours ago | 166 comments
Comments
If you're on iOS, the Kill Sticky bookmarklet does a decent job of cleaning these up without breaking most sites: https://www.smokingonabike.com/2024/01/20/take-back-your-web...
Also:
"Assuming it takes an average of 5 seconds per interaction with a cookie banner".
People don't spend 5 seconds clicking accept. They start reading their website, notice the banner in their periphery shortly after, and click it to go away.
If you don't want a website doing something on your computer, you start with the browser, not the website.
The "cookie banner problem" exists because it's primarily end users that are shouldering the burden of them, and not the companies. For the company, it's a one time JIRA ticket for a junior software engineer to code up a banner. For everyone else, it's thousands of wasted seconds per year. Make the law hit companies where it hurts: their balance sheets.
Instead, we are trusting the very websites we are blaming on tracking us in the most decietful, malicious ways possible to self-regulate and implement these controls. So now every website gets a shitty banner - on top of all the other annoying in-page banners and popups which are a staple of 2020s web design - that asks us if we want cookies. All these banners look different, are positioned differently on the page, appear at different times after the page is loaded, and function differently. So there's no consistency. And 90% of the time you can't disable all the cookies anyway, because there's that little grayed out toggle control for "strictly necessary cookies." How do I know one of those cookies you consider "strictly-necessary" or "crucial for site functionality" doesn't connect back to some evil tracking algorithm, the blocking of which was the whole point of this banner debacle in the first place?
So we have essentially asked websites to self-regulate the way the US's vitamin/supplement industury does, except its worse because I don't have to click a fucking banner before I take a capsule of what may or may not be vitamin C.
So again, why isn't this the responsibility of browser vendors? Am I taking crazy pills? Am I going insane or is the world going insane?
/rant
Cookies should be enforced in the browser. I think all the major browsers block third party cookies now. Bad actors can use other fingerprints to do tracking.
https://chromewebstore.google.com/detail/consent-o-matic/mdj...
for me personally out of all these options giving my data is my least painful payment option for one off services.
GDPR is basically exactly what Bill Gurley talks about here ; https://www.youtube.com/watch?v=F9cO3-MLHOM
Regulatory capture.
https://legiscope.com/blog/hidden-productivity-drain-cookie-...
> This situation calls for an urgent revision of the ePrivacy Directive
Shame companies cannot live without tracking cookies, and shame that the blame somehow end up on the regulation, rather than the companies who are the ones who introduce this cookie banner and "massive productivity loss".
You know the best way of not having to put up cookie banners on your website? Don't store PII in cookies. You know the best way of not having to care about GDPR? Don't store PII.
All websites we build adhere to the Do Not Track setting and don't even show a cookie banner if it's set. The only question is whether we should show a message to say that we're not tracking people because we see they've asked us not to! It's possibly a bit easier for us because we work primarily in the non-profit sector where ethics are perhaps a little higher up the agenda.
>if you collect users data
>you must ask first
>add a yes or no button on a banner so they can pick
but instead the eu citizens were let down by the legislators
I am skeptical of this claim. Partially due to the existence of trackers, beacons, 3rd party cookies and fingerprinting methods.
> Identifying users typically requires a court order to process IP addresses
And this one as well.
Or, as Emanuel Macron was recently saying, today's expense in precipitously declining economic competitiveness.
This whole cookie banners, and GDPR in general, is as good as literature.
Sure the banners are a stupid idea and a little annoying, but these figures have no merit. There's no way 500m hours of productivity are going to materialize from removing the banners. Removing 'please subscribe' popups, and other ads, now that's altogether different...
>404 Not Found
<S>OMFG!!! YOUTUBE IS COSTING THE WORLD *750B EUR* PER YEAR. </S>
How many hours of productivity are lost to Youtube ads?
2.49 billion active users, average seems to be 29 hours per month, reddit reports 4 ads/10 minutes lately - so 24 ads/hour, 5 seconds each (even though that went up!), so 2mins of ads/hour or 1 hour of ads per month, 12 hours of ads per year!
12 hours * 25 Eur/hour * 2.5B = 750B Eur
(probably made some mistakes)
Also, this article is ridiculous - like assuming all 400M European internet users are "productive" at 25Eur/h (30% are probably < 15 or > 65), people clicking 1200 banners per year because they visit 100 sites/month (12*100, right?!) and so on.
(I say that, but the EU bureaucrats that passed this law may actually see the immense numbers of popups as a win still - who knows).
A revision is patently obvious to seemingly everyone - revise the law to instead mandate that websites respect the Do Not Track header, or at least have designed a more granular replacement. There's no reason you shouldn't just be able to set it once and your browser tracks it for you.