One of the most visible results of GDPR is all the cookie notifications you've been seeing.
Here's what's behind all that.
One of the most tangible requirements of the GDPR is in the definition of what constitutes a proper cookie consent, meaning, that the consent has to be:But don't just click through those pesky notices. Click on them and wade through them.
- Informed: Why, how and where is the personal data used? It must be clear for the user, what the consent is given to, and it must be possible to opt-in and opt-out of the various types of cookies.
- Based on a true choice: This means, for example, that the user must have access to the website and its functions even though all but the strictly necessary cookies have been rejected.
- Given by means of an affirmative, positive action that can not be misinterpreted.
- Given prior to the initial processing of the personal data.
- Withdrawable. It must be easy for the user to change his or her mind and withdraw the consent.
It's pretty fascinating what's in them.
Recently I logged into runkeeper.com.
I got the following notice:
I didn't just click on the bright yellow "✔ Accept cookies" like most people would.
Rather, I clicked on "> Cookie Settings".
Here's what I got:
Look at how much control I had over what cookies would be stored!
I was impressed that the "Targeting Cookies" were turned off by default.
I flipped all the switches to "Inactive" and noticed no degradation in performance or function.
By the way, here's the site referenced in the fine print at the bottom. Somebody is making a lot of money.
Some of these dialogs have actually given me the choice of which partners the site can share my information with.
Here's what I got from the Daily Star.
Don't click on "Continue and Accept All". Rather click on the tiny "here".
On the next screen click on "Continue to partners".
Click on "Select all" and then on "Reject all"