Comment by hdgvhicv - Hacker Neue

hdgvhicv Nov 19, 2025 parent

By not setting a cookie until the user does something active when I then tell them (say on “log in” or “add to basket”.

watermelon0 Nov 19, 2025

You don't need a cookie banner for authentication/shopping basket cookies, since these are essential.

However, you are still required to provide a list of essential cookies and their usage somewhere on the website.

phendrenad2 Nov 19, 2025

This. I don't know why there's a heavy overlap between the "GDPR didn't go far enough" people and not actually reading the GRPR. I'd think they would overlap a lot with people who actually read it.

nonethewiser Nov 19, 2025

I dont think you actually need a cookie for that, technically. But I take your point.

What about trackers which they want to set immediately on page load? Just separate prompts for each seems worse than 1 condensed view. You might say "but trackers suck - I don't care about supporting a good UX for them" and it would be hard to disagree. But I'm making the point that its not malicious compliance. It would be great if people didn't use trackers but that is the status quo and GDPR didn't make theme illegal. Simply operating as normal plus new GDPR compliance clearly isnt malicious. The reality is cookie banners everywhere was an inevitable consequence of GDPR.

mr_toad Nov 20, 2025

> But I'm making the point that its not malicious compliance.

It’s totally technically feasible to have a non-blocking opt-in box.

But sites effectively make a legally mandated opt-in dialog into an opt-out dialog by making it block the site. Blocking the page loading until the banner is dismissed is definitely malicious, and arguably not compliant at all.

And lets not get started on all the sites where the banner is just non-functional smoke screen.

This item has no comments currently.

Preferences

Keyboard Shortcuts

Story Lists

Navigation

Miscellaneous