I find it interesting how many HN'ers now don't think consumer protection is a good thing.
(Actually, in hindsight it isn't that surprising. Tech companies only make the money they do because of the lack of consumer protections... so definitely in most HN'ers interest to keep the status quo.
European legislators are why I now have a cookie banner on every website I visit. It is hard to be enthusiastic for more of that. I could support basic antitrust actions that actually promote competition, but when it gets into actually writing technical requirements, the outcome seems less than ideal.
It's fine to debate what exact policy is the best, but it's not productive to just dismiss all regulation as bad because some are inconvenient.
FWIW, the only reason cookie banners are annoying is because the sites intentionally made it that way to bully you into allowing 3rd party cookies. EU regulations allow a site to not have banners if 3rd party tracking is opt-in. They could easily do it via a separate settings page. They only chose the banner because they want you to keep tracking cookies on and the annoying banner results in a higher rate of people agreeing to be tracked at the cost of annoyance (which is somehow respun to be directed to the policy not the site owners). Imagine if every time you enter a business you were asked to sign a liability waiver. That's what cookie banners are.
(You do not have to have a banner if all the cookies you use are first party "essential for functionality" cookies)
The problem is that it's insane to leave all of this for the website to implement correctly. It's a UX nightmare and it opens the door for a company to game the system, secretly ignore my privacy setting, etc. The EU solution is, of course, to turn a technical problem into a legal problem. Sue the company if their "Allow" button is too big or it doesn't work as advertised.
It should be a consistent browser-based preference that makes it impossible for a website to do something that I told it not to do. The problem with that is it requires innovation because cookies have inherent privacy design flaws. When you can't innovate, legislate.
> The EU solution is, of course, to turn a technical problem into a legal problem.
As a regulatory body, what else can they do...? In fact, I actually see this as a good thing.
You should think of regulation as an abstraction, an interface, a contract, that defines only a desired outcome (in this case the idea that 3rd party tracking should be opt-in rather than opt-out or non-opt). The details are then left to private entities to implement.
In fact, had they defined it to be say a browser feature or any other specific implementation, it would be strictly worse. By legislating the abstract concept of 3rd party tracking consent, they are leaving open the door to innovation. The idea is that if someone can come up with a better way of collecting consent in terms of UX, while still guaranteeing the same level of consumer protection, then they should be able to outcompete worse implementations.
The law does not require banners per-se (instead requiring affirmative consent before tracking can commence), nor does it require any button size (instead requiring that features not requiring tracking not be gated behind the consent wall and that certain consent outcomes shouldn't be favoured as a part of the UI). What we have is only that way because innovation is not that fast and the motivation to innovate here isn't that high (yet) --- banners are easy enough to implement and not so egregiously bad as to turn away users.
Yes, they should have just elevated the Do Not Track flag to legal status. If the flag is on, tracking cookies forbidden. Easy. It would have solved the cookie banner problem entirely. Some browsers have already removed it but I'm sure they would have put it back of the EU actually made this feature useful.
I don't know why they didn't use it in the law. Probably advertiser lobby because it's much easier to coerce the user into agreeing when they control the process (dark patterns)
I think you have it the wrong way around. Apple is exercising bureaucratic control over technology, the EU is about to give them a lecture in disruption.
It's a different world view I think. In Europe with our more socialist history, we view government regulations mainly as a protection of civil rights. Whereas in the US it seems to be viewed more as a kerbing of freedom.
It's not as black and white of course but this seems to be a recurring theme.
Another way to put it might be that Americans fundamentally do not trust the state, and Europeans (or at least Western and Northern Europeans) do.
Of course, this is painting with a very broad brush, and people in both places believe in all sorts of different political ideologies, but I think it generally tends to be true. Europeans are more likely to reason along direct lines like "this is a good policy, therefore it should be enacted" whereas Americans will think in more abstract terms like "this may be a good policy, but do we really want the state to have the power to enact such a policy? How may this power be abused in the future?"
I don't have a good explanation for _why_ this is the case; intuitively, you'd expect the opposite, since the US has never had a totalitarian regime, and most of Europe has within the last 100 years. My only guess is that nowadays the US is way more corrupt, undemocratic, poorly run, etc. than most countries in Western and Northern Europe which leaves a bad taste in people's mouths.
