In order for consent to be freely given, access to services and functionalities must not be made conditional on the consent of a user to the storing of information, or gaining of access to information already stored, in the terminal equipment of a user (so called cookie walls).
Also:
Without prejudice to existing (national) contract law, consent can be obtained through a recorded oral statement, although due note must be taken of the information available to the data subject, prior to the indication of consent. The use of pre-ticked opt-in boxes is invalid under the GDPR. Silence or inactivity on the part of the data subject, as well as merely proceeding with a service cannot be regarded as an active indication of choice.
And:
Therefore, merely continuing the ordinary use of a website is not conduct from which one can infer an indication of wishes by the data subject to signify his or her agreement to a proposed processing operation.
Notably, what Mike asks (consent to be given by browser settings) is explicitly allowed by the authority:
An often-mentioned example to do this in the online context is to obtain consent of Internet users via their browser settings.
But:
However, when consent is obtained via electronic means through only one mouse-click, swipe, or keystroke, data subjects must, in practice, be able to withdraw that consent equally as easily.
Many forget the general premise of all this:
Consent remains one of six lawful bases to process personal data, as listed in Article 6 of the GDPR. When initiating activities that involve processing of personal data, a controller must always take time to consider what would be the appropriate lawful ground for the envisaged processing.
I'm only happy if Spotify managed to find other content sources to reduce the time spent by users on the big music labels' content (and therefore the royalties paid to them), but that doesn't require forcing users to go on their DRM-infested web properties.
It would help for the large majority of visitors, if you chose to remove the unnecessary cookies and other PII processing.
Nobody is saying this is easy: doing without centralized ad networks is indeed difficult for a small publication like TechDirt (unlike the NYT). As a reader I enormously appreciate all the efforts made to keep TechDirt afloat with various sources of revenues.
Blocking third-party cookies and JavaScript is relatively easy if one accepts some inconvenience. The problem is that third parties like Google Analytics nowadays store their information in first-party cookies, so you have to do some trickery based on the entropy content of cookies to guess whether they are legitimate necessary cookies or surveillance cookies.
We use cookies, for example, to track your preferences (including when you turn off ads on the site, which we let you do for free). In order to make sure those ads are gone, or whatever other preferences stay in place, we use cookies.
This is a bad representation. EU privacy laws do not require a cookie warning for essential cookies, only for the inessential ones. https://gdpr.eu/cookies/
Techdirt sets a number of cookies for unregistered users, few if any of which appear to be necessary to serve the content: https://i.stack.imgur.com/joXty.png
Practically speaking, if you removed Google Analytics you would have done most of the work. (Or do you also show ads from Google? I'm happy to pay a subscription largely because I refuse to load ads. At the moment you don't seem to be loading any ads but maybe it's just you being suspended by Google Ads.)
Some passages of the Techdirt privacy policy are a bit dubious:
Floor64 does not share your personally identifiable information with other organizations for their marketing or promotional uses without your prior express consent. Please be aware, however, that any personally identifiable information that you voluntarily choose to display on Techdirt - such as when you publish attribution credits for your submissions - becomes publicly available and may be collected and used by others without restriction.
This seems to imply you don't share IP addresses with third parties, which is incorrect because Techdirt loads resources from Automattic, Google, FontAwesome, CloudFlare, Soundcloud, StackCommerce, Amazon, RawGit, Akamai and ChartBeat. Some of these are definitely superfluous, for instance fonts and static JS could be easily stored on your server.
People like to blame the EU law but the responsibility rests squarely with the laziness of the website admins and developers who failed to reconsider their usage of cookies. I'm happy to help with patches if there's a git repository you can share somewhere.
No, but if they're simple banners without tracking cookies etc. people might be happier to let them show up. I would personally consider enabling ads on the NYT (I've never in my life seen one), as I used to do on StackExchange, if they're really in house etc.
Yeah, it's quite unlikely for anything good to come out of it, but some states are getting creative. There's a small chance that some sensible (public or semi-public) out-of-court mechanism with low/zero legal costs will end up being instituted in some small state while the MPAA is distracted.
How most of Mike Masnick's article misread the news about NYT
No, Mike, I'm sorry but there's no indication that the NYT is doing anything like the ads networks it's replacing. NYT says they'll have a few dozens segments (mostly simplistic demographics data), as opposed to thousands in the most basic Google/Twitter/Facebook ads, multiplied by +inf combinations created by machine learning on behavioral data.
There is no indication that they'll buy data from data brokers to merge their users' profiles with their Visa/Mastercard payments, their movements, whatever they've visited around the web, their insurance and healthcare data and all the sorts of things Google/Twitter/Facebook do.
Re: Libraries as an end to the anti-piracy conspiracy?
Some private torrent trackers have already tried to fashion themselves as privately run libraries but so far success has been limited (euphemism). The case was never seriously explored though.
If the new service fails, who cares? Its failure will be used in an antitrust case against AirBnB to squeeze some money out of it. Bingo.
The copyright cartels show the way: make yourself irrelevant with terrible business decisions, then blame whoever is the richest kid on the block and get some corporate welfare.
Re: Now if that can go from the exception to the norm...
The order to attend a course and so on seems quite strict. He'll probably fail to comply, so we'll probably see another contempt of court. Maybe this time he'll serve jail time? That might be instructive, especially if the jail provides law courses.
On the post: Yes, This Site Uses Cookies, Because Nearly All Sites Use Cookies, And We're Notifying You Because We're Told We Have To
Re: Re: Misreading of the law on essential cookies
There are a few cases ongoing, maybe you mean one of these:
https://gdprhub.eu/index.php?title=CJEU_-_C-673/17_-_Planet49
https://gdprhub.eu/index.php?ti tle=AP_-_Consent_to_place_cookies
Most interesting at the moment are Guidelines 05/2020 on consent under Regulation 2016/679 (Version 1.1, adopted on 4 May 2020):
Also:
And:
Notably, what Mike asks (consent to be given by browser settings) is explicitly allowed by the authority:
But:
Many forget the general premise of all this:
On the post: We Lose A Lot When Podcasts Go Closed Instead Of Open
Antitrust action needed soon
I'm only happy if Spotify managed to find other content sources to reduce the time spent by users on the big music labels' content (and therefore the royalties paid to them), but that doesn't require forcing users to go on their DRM-infested web properties.
Matt Stoller has some good points (although there are some misunderstandings here and there):
https://mattstoller.substack.com/p/on-the-spotify-joe-rogan-deal-and
Quiz: find the responses to the recent European Commission antitrust consultation which would do the most to defend an open web.
https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/12325-Evaluation-of-t he-Commission-Notice-on-market-definition-in-EU-competition-law
On the post: Yes, This Site Uses Cookies, Because Nearly All Sites Use Cookies, And We're Notifying You Because We're Told We Have To
Re: Re: Not helping anyone
It would help for the large majority of visitors, if you chose to remove the unnecessary cookies and other PII processing.
Nobody is saying this is easy: doing without centralized ad networks is indeed difficult for a small publication like TechDirt (unlike the NYT). As a reader I enormously appreciate all the efforts made to keep TechDirt afloat with various sources of revenues.
By the way, were you given the option to display "untargeted ads", which require less consent? This "option" was floated for a few publishers who estimated they'd be paid 25-75 % less for untargeted ads, see e.g. https://digiday.com/media/gdpr-mayhem-programmatic-ad-buying-plummets-europe/
On the post: Yes, This Site Uses Cookies, Because Nearly All Sites Use Cookies, And We're Notifying You Because We're Told We Have To
Re: Cookies before clicks
Have you tried privacy badger? https://privacybadger.org/
Blocking third-party cookies and JavaScript is relatively easy if one accepts some inconvenience. The problem is that third parties like Google Analytics nowadays store their information in first-party cookies, so you have to do some trickery based on the entropy content of cookies to guess whether they are legitimate necessary cookies or surveillance cookies.
Publishers lie all the time and there are some legal cases ongoing:
https://noyb.eu/en/say-no-cookies-yet-see-your-privacy-crumble
On the post: Yes, This Site Uses Cookies, Because Nearly All Sites Use Cookies, And We're Notifying You Because We're Told We Have To
Misreading of the law on essential cookies
This is a bad representation. EU privacy laws do not require a cookie warning for essential cookies, only for the inessential ones.
https://gdpr.eu/cookies/
See also the legal basis of processing under GDPR (consent is one out of 6 and tehre are various ways to gain consent):
https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisa tions/legal-grounds-processing-data/grounds-processing/when-can-personal-data-be-processed_en
https: //ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/legal-grou nds-processing-data/grounds-processing/when-consent-valid_en
Techdirt sets a number of cookies for unregistered users, few if any of which appear to be necessary to serve the content:
https://i.stack.imgur.com/joXty.png
Practically speaking, if you removed Google Analytics you would have done most of the work. (Or do you also show ads from Google? I'm happy to pay a subscription largely because I refuse to load ads. At the moment you don't seem to be loading any ads but maybe it's just you being suspended by Google Ads.)
Some passages of the Techdirt privacy policy are a bit dubious:
This seems to imply you don't share IP addresses with third parties, which is incorrect because Techdirt loads resources from Automattic, Google, FontAwesome, CloudFlare, Soundcloud, StackCommerce, Amazon, RawGit, Akamai and ChartBeat. Some of these are definitely superfluous, for instance fonts and static JS could be easily stored on your server.
People like to blame the EU law but the responsibility rests squarely with the laziness of the website admins and developers who failed to reconsider their usage of cookies. I'm happy to help with patches if there's a git repository you can share somewhere.
On the post: People Overestimate The Value Of Content; Underestimate The Value Of A Service That Makes It Useful
Permission culture reaches RSS readers
Apple is seemingly asking app developers to gain explicit permission from the "owners" of each RSS feed in their apps. This might be why this article is in the "trending posts" maybe?
https://inessential.com/2020/05/10/heads_up_to_rss_reader_authors
On the post: Our New Blog Series Exploring Tech In The Time Of COVID
Koch brothers
This is definitely the first time I hear of Koch money being used for good. Thanks for the transparency and keep up the good work.
On the post: How Most Of The Anti-Internet Crew Misread The News That The NY Times Is Getting Rid Of 3rd Party Advertisers
Re: Ad blockers and third-party cookies
No, but if they're simple banners without tracking cookies etc. people might be happier to let them show up. I would personally consider enabling ads on the NYT (I've never in my life seen one), as I used to do on StackExchange, if they're really in house etc.
Also, if it's all served from NYT servers it might be easier to not fall foul of the various systems protections from third party cookies which are growing in all browsers. Chrome 83, released this month, has started disabling third-party cookies as promised in January. NYT's decision was probably influenced by that.
https://www.aithority.com/guest-authors/death-of-the-cookie-future-of-online-marketing/
https: //thenextweb.com/podium/2020/05/14/no-need-to-mourn-the-death-of-the-third-party-cookie/
https://ven turebeat.com/2020/05/19/google-chrome-83/
On the post: Copyright As Censorship: WSJ Identifies Hundreds Of Bogus News Takedowns; People Blame Google Rather Than Copyright
Re: Re: Re: Liability
Yeah, it's quite unlikely for anything good to come out of it, but some states are getting creative. There's a small chance that some sensible (public or semi-public) out-of-court mechanism with low/zero legal costs will end up being instituted in some small state while the MPAA is distracted.
On the post: How Most Of The Anti-Internet Crew Misread The News That The NY Times Is Getting Rid Of 3rd Party Advertisers
Re: So...
They aren't.
On the post: How Most Of The Anti-Internet Crew Misread The News That The NY Times Is Getting Rid Of 3rd Party Advertisers
How most of Mike Masnick's article misread the news about NYT
No, Mike, I'm sorry but there's no indication that the NYT is doing anything like the ads networks it's replacing. NYT says they'll have a few dozens segments (mostly simplistic demographics data), as opposed to thousands in the most basic Google/Twitter/Facebook ads, multiplied by +inf combinations created by machine learning on behavioral data.
There is no indication that they'll buy data from data brokers to merge their users' profiles with their Visa/Mastercard payments, their movements, whatever they've visited around the web, their insurance and healthcare data and all the sorts of things Google/Twitter/Facebook do.
NYT is basically following Mike Masnick's advice that publishers probably don't need all this data trickery because
Mike, you won! NYT is going back to standard banners for its ads! Rejoice! Scream it from the rooftops.
On the post: Libraries Have Never Needed Permission To Lend Books, And The Move To Change That Is A Big Problem
Re: Libraries as an end to the anti-piracy conspiracy?
Some private torrent trackers have already tried to fashion themselves as privately run libraries but so far success has been limited (euphemism). The case was never seriously explored though.
On the post: France Is About To Waste A Ton Of Money Trying To Build Its Own Airbnb
Failure is not a problem
If the new service fails, who cares? Its failure will be used in an antitrust case against AirBnB to squeeze some money out of it. Bingo.
The copyright cartels show the way: make yourself irrelevant with terrible business decisions, then blame whoever is the richest kid on the block and get some corporate welfare.
On the post: Copyright As Censorship: WSJ Identifies Hundreds Of Bogus News Takedowns; People Blame Google Rather Than Copyright
Re: Liability
This would be possible under the (terrible) article 17 of the EU copyright directive 2019, thanks to the "redress mechanism" at 17(9), if member states got their act together.
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32019L0790&from=EN#017. 009
On the post: Copyright Troll Richard Liebowitz Has Two Separate Courts Sanction Him For His Ongoing Copyright Trolling Failures
Re: Now if that can go from the exception to the norm...
The order to attend a course and so on seems quite strict. He'll probably fail to comply, so we'll probably see another contempt of court. Maybe this time he'll serve jail time? That might be instructive, especially if the jail provides law courses.
On the post: Quibi Is What Happens When Hollywood Overvalues Content And Undervalues Community
Re: Short Content - Do Users Want It?
Have you heard of Skam? Probably some people thought they had found the next goldmine, but neglected to study what made the format successful.
On the post: Supreme Court Says Georgia's 'Official Code' Is Public Domain -- Including Annotations
Re: Re: Incorporation by reference
By which I mean, https://www.eff.org/cases/publicresource-freeingthelaw
On the post: August 17 - 23, 1997
Link to older archive
Nice, the last link is archived:
https://web.archive.org/web/19980130070210/http://www.gsm.cornell.edu/Students/clubs/TMC/u ptodate/
On the post: Supreme Court Says Georgia's 'Official Code' Is Public Domain -- Including Annotations
Re: Incorporation by reference
There's a separate ongoing case about that anyway.
On the post: Supreme Court Says Georgia's 'Official Code' Is Public Domain -- Including Annotations
Re: Copies of OCGA
You know that it's all at https://archive.org/search.php?query=subject%3A%22Official+Code+of+Georgia+Annotated%22 right?
Next >>