EU data protection authorities find that the consent popups that plagued Europeans for years are illegal. All data collected through them must be deleted. This decision impacts Google’s, Amazon’s and Microsoft’s online advertising businesses.

All data collected through the TCF must now be deleted by the more than 1,000 companies that pay IAB Europe to use the TCF. This includes Google’s, Amazon’s and Microsoft’s online advertising businesses.

  • riccardo
    link
    fedilink
    2
    edit-2
    2 years ago

    “This has been a long battle”, said Dr Johnny Ryan of the Irish Council for Civil Liberties. “Today’s decision frees hundreds of millions of Europeans from consent spam, and the deeper hazard that their most intimate online activities will be passed around by thousands of companies”.

    This comment kinda implies that things are going to change, but it’s not outlined how they are going to change. The article mentions how the framework fails to inform users which data will be collected and how it will be used, but also that it “fails to properly request consent, and relies on a lawful basis (legitimate interest) that is not permissible because of the severe risk posed by online tracking-based “Real-Time Bidding” advertising”. This suggests that the framework must be reworked to be more accessible/friendly to users, and that some of options that usually fell under the “legitimate interest” category maybe shouldn’t be enabled by default.

    My main issue with the cookie consent popups is that many of them are ridiculously long to configure, and are very clearly designed to be misleading and ambiguous. Sometimes they even take you to a new page or need to load additional stuff when you decide to disable non-essential cookies. People have just given up on mangling with these toggles and just click on “accept all” as soon as the cookie alert pops out.

    • @wintermute@feddit.de
      link
      fedilink
      3
      edit-2
      2 years ago

      My main issue with the cookie consent popups is that

      That will (hopefully) be solved by the upcoming EU ePrivacy regulation.
      The German TTDSG gives a foretaste of what is to come - and goes far beyond the GDPR