Website operators don’t want to have to display cookie banners
This is false. If they didn’t want to display the banners they could literally remove them, there’s absolutely nothing requiring them as long as they don’t track your behavior. They refuse to give up tracking so they add the banners to annoy visitors and hopefully trick some of them into accidentally opting into tracking. It’s an abusive manipulation of a loophole in the GDPR. If they really hated the banners they could just not track you but they rather make it your problem.
“trick some of them accidentally” is definitely underestimating average users. In my experience 95% + of all users click consent once, all is stored forever and they’ll never see the banner again, for sure not on the same device. They don’t do adblocking, no automatic cookie deleting, in fact no browser extensions at all. The average fediverse user is a weird mix of a 1990’s internet poweruser with a today tech kid trying to make it into the future technologies on their own terms and by faaaar not an average user visiting average website on average devices with average browsers and configurations. In short: most people don’t experience this ‘problem’ like us, because they consent by default to anything you throw at them and are then in the gated tracking paradise where there’s barely any cookienagging, visiting the same handful of websites all the time anyway.
Websites did it to themselves by abusing cookies to track users. Instead of consent popups though, the EU should have just blanket banned tracking in general.
If website operators didn’t want to ask for consent, they should stop trying to profit for your behavioral data. But they want to sell your data and have de it from you. That’s the only thing not allowed. There are plenty of sites that use cookies and don’t need to show a consent banner.
I once saw a German website (idealo.de) doing exactly what you said. If the header was set, they skipped the banner and interpreted it as “minimum cookies”.
Website operators don’t want to have to display cookie banners and users don’t want to see them. So what are we doing?
Like the other comment, I also disagree with that. Most websites show them to make it hard to decline the tracking.
But I once saw a website (I think, it was the German idealo.de) which checked for the (now deprecated) "Do Not Track" HTTP header. If it was there, it then did not show the banner. I liked that solution.
It’d be nice if that header was default for all users, unfortunately it can (and has, probably) end up being just another data point for uniquely identifying you.
Probably will never be default since 99% people use Chrome, and we know who owns that…
Extensions seem the only way without making your traffic more unique.
Ah yes the classic “You’re making me hit you, I don’t want to, but you’re making me do this”. Maybe instead of blaming the flawed attempt at protecting you from abuse you instead blame the ones doing the abusing.
Website operators don’t want to have to display cookie banners and users don’t want to see them. So what are we doing?
This is false. If they didn’t want to display the banners they could literally remove them, there’s absolutely nothing requiring them as long as they don’t track your behavior. They refuse to give up tracking so they add the banners to annoy visitors and hopefully trick some of them into accidentally opting into tracking. It’s an abusive manipulation of a loophole in the GDPR. If they really hated the banners they could just not track you but they rather make it your problem.
“trick some of them accidentally” is definitely underestimating average users. In my experience 95% + of all users click consent once, all is stored forever and they’ll never see the banner again, for sure not on the same device. They don’t do adblocking, no automatic cookie deleting, in fact no browser extensions at all. The average fediverse user is a weird mix of a 1990’s internet poweruser with a today tech kid trying to make it into the future technologies on their own terms and by faaaar not an average user visiting average website on average devices with average browsers and configurations. In short: most people don’t experience this ‘problem’ like us, because they consent by default to anything you throw at them and are then in the gated tracking paradise where there’s barely any cookienagging, visiting the same handful of websites all the time anyway.
Websites did it to themselves by abusing cookies to track users. Instead of consent popups though, the EU should have just blanket banned tracking in general.
If website operators didn’t want to ask for consent, they should stop trying to profit for your behavioral data. But they want to sell your data and have de it from you. That’s the only thing not allowed. There are plenty of sites that use cookies and don’t need to show a consent banner.
I’d honestly be so much happier if it was a permission request similar to e.g. accessing location or microphone access, for a number of reasons:
Browsers already have the do not track header, it should just honor that. If you have that set it should be an automatic opt out no banner necessary.
Unfortunately, it was deprecated in 2025: https://en.wikipedia.org/wiki/Do_Not_Track
I once saw a German website (idealo.de) doing exactly what you said. If the header was set, they skipped the banner and interpreted it as “minimum cookies”.
Like the other comment, I also disagree with that. Most websites show them to make it hard to decline the tracking.
But I once saw a website (I think, it was the German idealo.de) which checked for the (now deprecated) "Do Not Track" HTTP header. If it was there, it then did not show the banner. I liked that solution.
It’d be nice if that header was default for all users, unfortunately it can (and has, probably) end up being just another data point for uniquely identifying you.
Probably will never be default since 99% people use Chrome, and we know who owns that…
Extensions seem the only way without making your traffic more unique.
Website operators don’t have to display cookie banners. They can just not use tracking/ad cookies. Simple af.
This is the EU’s law, “See how much we did to protect you!” It security theatre.
Ah yes the classic “You’re making me hit you, I don’t want to, but you’re making me do this”. Maybe instead of blaming the flawed attempt at protecting you from abuse you instead blame the ones doing the abusing.