this post was submitted on 18 Sep 2023
52 points (96.4% liked)

Explain Like I'm Five

14263 readers
134 users here now

Simplifying Complexity, One Answer at a Time!

Rules

  1. Be respectful and inclusive.
  2. No harassment, hate speech, or trolling.
  3. Engage in constructive discussions.
  4. Share relevant content.
  5. Follow guidelines and moderators' instructions.
  6. Use appropriate language and tone.
  7. Report violations.
  8. Foster a continuous learning environment.

founded 1 year ago
MODERATORS
sabbah@lemmy.world
AradFort@lemmy.world
rikudou@lemmings.world
Don_Dickle@lemmy.world
Rikudou_Sage@lemmy.world
52
ELI5: Legitimate-interest cookies (kbin.social)
submitted 1 year ago* (last edited 1 year ago) by chuso@kbin.social to c/explainlikeimfive@lemmy.world
24 comments fedilink hide all child comments
 

So almost every GDPR cookie consent banner out there has a section for "legitimate interest" cookies that they can leave on by default and you will inadvertently accept even if you choose "Reject all" unless you go to the detailed settings and disabled those too.
Some of them have dozens of legitimate-interest cookies.
I read some articles about what they are and why it is allowed to keep them on by default, but they were very vague. So can someone explain it to me like I am five?

you are viewing a single comment's thread
view the rest of the comments
[–] cabbagee@sopuli.xyz 4 points 1 year ago (1 children)

Nice, this is also what I found. More from the GDPR website but still vague.

There are 2 more questions it sounds like OP is asking -

  • Why are Legitimate cookies allowed to be defaulted on?
  • Why are they allowed to be hidden in a different menu?

I didn't see any answers to these questions in my quick read-through. Nothing about default settings on the GDPR website and the menu thing sounds like obfuscation. Now whether it's to make the cookie menu more user friendly or gather more data for the company... or both? Don't know. The GDPR website does mention that

The rules regulating cookies are still being set, and cookies themselves are continually evolving, which means maintaining a current cookie policy will be a continuous job.

So maybe the legal side for this is still in the works.

[–] amio@kbin.social 1 points 1 year ago (1 children)

It's extra weird because by definition, whatever they thought "legitimate interest" really meant, they wouldn't need your consent for. That's a different letter or clause or whatever.

[–] scytale@lemm.ee 4 points 1 year ago (1 children)

Sounds like a loophole to make unnecessary cookies bypass the opt-out choice.