Can you blame it?
It would be nice if, unlike GDPR, some veteran UX leaders would be consulted before this legislation was drawn up.
GDPR was well intentioned, but many of the pop experiences are littered with dark UI patterns, and most of those pop up experiences are annoying as hell.
An amendment has changed the rules on that. They need to be as easy to reject as to accept. Lots of websites atm are breaking the law on this still.
My hot take is that GDPR, CCPA, etc. should require sites to go through a standard user experience native to the browser’s chrome. Kind of like how Android and iOS handle tracking permissions for Play and App Store apps.
That seems like it would be way easier to audit / govern, and it would be a better overall experience for end users.
The issue with that is that there are so many different apps that process data in so many different ways.
A phone has a bunch of physical features. Letting a website/app know what’s available and request access is a small extension of the hardware APIs with clear defined purposes.But a financial app is going to have widely different data interests and processing than a workout app, which will be different from a video game, a calculator, a forum etc.
I don’t know how it can be normalised into something programmatic.I guess it’s why law and courts are so complex. Sure, laws are written down, it should be easy… but they are regularly challenged and tested.
It’s a difficult problem to solve.The ideal way would be to cut the legalese bullshit in the privacy policy.
However, that’s a legal document, so it needs the legalese.
It actually needs an honest human readable summary that sums up what’s collected, why it’s used etc.
Oh, I’d noticed that a lot of sites now seemed a lot better. It’s so frustrating when a site has you jump through 4 delays to reject, but accept keeps working fine. As soon as there is a delay now, I’m out of there.
It’ll be nice when we have the settings built into your browser and the sites need to comply so it’s on them not you to verify your preferences.
It’s worth re-mentioning this whenever it pops up.
The GDPR does not mandate the cookie pop-up. The GDPR just says that companies cannot gather personal information about you without your consent,
If companies weren’t trying to build a profile about you all the time, they don’t need a banner in the first place. The GDPR is amazing because it makes it immediately obvious which rare companies actually respect you and your right to privacy, due to not needing cookie banners in the first place
As someone from the UX side of the fence, I can assure you that there are a lot of legitimate convenience and or fraud protection reasons for why a company might store PII server side for the user’s convenience. Targeted marketing isn’t the only reason to store identifying information.
Fraud prevention is a legitimate interest and does not need a consent request.
I’m pretty sure that is specifically called out in GDPR. Certainly ICO (UK) has loads of articles on it.However legitimate interests are often difficult to demonstrate compliance, so it can be easier to rely on consent.
Imagine if fraud prevention mechanisms were ineffective if you do not consent to targeted advertising.
Black Hat: Darts! These darks patterns got me again, I accidentally consented, now I won’t be able to bypass the captcha!
God, let’s hope nobody ever tries that. Higher prices because you don’t consent to more invasive tracking, because it poses a higher fraud risk to the company.
Thankfully, processing the same data for fraud prevention should be a different consent process/option than processing it for targeted advertising.
That’s kinda the point.
Any server you connect to knows your IP address. As does any equipment between your home network and the remote server. It has to, that’s how networks work.Processing that to ensure your IP isn’t abusing their servers is legitimate interest.
Processing that along with your interactions with their website likely isn’t legitimate interest, so has to get consent (as this is likely profiling or user tracking, regardless of cookies used)
You could argue that it is legitimate interest, but then you have to back it up in your privacy policy as to why it is required, and it could be easily challenged as it’s such a broad and subjective term (whether that challenge goes anywhere is up to enforcing bodies, like the EU/ICO/whatever).
The idea is that the barrier of entry for “legitimate interest” is high enough and that abusing legitimate interest carries a risk, so that it isn’t the default.Just because you have access to the data, doesn’t mean you can use it however you want.
Some French websites have already started saying “Accept advertising trackers or subscribe to the paid plan”. Marmiton started it, some newspapers followed suit, and I don’t believe the French courts have reached a conclusion on legality yet, but clearly some legal experts at those companies are convinced it could work.
I can understand where the newspapers are coming from. At lot of mobile apps do this, ads vs paid versions.
But an ad companys product is not to the end user, and often their interests are at odds to the end users privacy.
They want to show ads to people where they are most effective. They want to prove they have shown the ads, and they want to prove that the user has been influenced by the ad.
All of this needs ridiculous tracking to support their business model.It’s the ad companies at fault.
If you decline consent to an ad company, then they should show you generic adverts.
If a website requires ads vs subscription, then accepting data processing consent should not be part of the contract.
So, as long as the websites give you the option to decline data processing from the ad company without affecting your ability to use the website, then it’s fine.
Others have said it already but… That shitty UX experience is the website’s own fault. I suspect many of them make it especially shitty just to spite the legislation.
That shitty UX experience is the website’s own fault.
It was a predictable outcome that politicians should have foreseen.
Making it more annoying to not consent is already illegal so otherwise that’s just the website having poor UX. What’s the EU got to do with a website that intentionally or by incompetence has poor UX? That’s not illegal and shouldn’t be… As long as both consenting and not consenting is equally shit it isn’t unfair, and the poor UX is really just a detriment that the developers brought upon themselves.
While “technically true” it’s naive to assume the law will be implemented the way you imagine.
Government raises taxes on gas. “OMG the companies are charging more for their products!”
Government makes it harder to meet emission standards for small trucks. “OMG companies aren’t making small trucks anymore!”
You have to assume that companies will act as petulant children. They will almost always exercise malicious compliance.
I mean it costs money to design for and be compliant with. Doing it properly even more so.
You shouldn’t assume the contents of the GDPR based on what most companies are doing. It’s not legally consent, if it was not given freely. So, no dark patterns, no coercion, no inaccurate descriptions, nothing. You need to inform the user as accurately as possible and ensure that they choose what suits their interest. Then it’s consent.
We don’t need AMP links on Lemmy. Please try to avoid them by posting links to the real article. We (mostly, I’d think) have ad blockers, so it won’t be a problem.
We should have Lemmy auto translate these links to non amp versions, or just outright refuse those links
Sorry for that, but I don’t actually understand what you mean…
EDIT OK I’ve googled it and it seems to be a page that is sponsored by Google but I use Firefox and it worked fine with that - so is the problem that it doesn’t work with certain browsers?
Not only sponsored, but owned by Google.
AMP links are basically Google repackaging other people’s articles. It prevents the actual owner from getting a pageview and let’s Google track you more invasively.
How is that legal?
Thanks for the info - was not aware of this before. Yet more wonderful business practices from the world of big tech…
Basically AMP is a copy of the website content hosted by Google for a “speedier load” but there are privacy, longevity, and general decentralization concerns with the “protocol.”
Thanks for this - this is something that has passed me by. So essentially plagarising another website’s content for traffic plus the usual Google shenanigans? Nice
I mean, the website opts into it (it can’t be done with any website), but otherwise yes.
Obviously - I guess I’m more surprised at The Register in that case. They’re a very savvy industry magazine. Presumably they get a hefty wad.
Didn’t Windows used to have a browser selection screen already? What happened?
If you have use the one in windows 10/11 its a bit of a nightmare. You have to manually change the default browser for all file types from edge to your new browser. And there are about 20 options you have to manually change over.
Edge does a lot of things to annoy me on Windows, but this is not one. I do not think I had to change the default browser for every file type. Also the normal user would never notice this problem, as they rarely open HTML files directly.
The latest trick is they ignore the default choice completely and open all links in Outlook in edge anyhow, also they are sending notifications saying to use edge or get less battery time.
I haven’t used Windows since XP, but I’m interested in how that works. Do you have any link about this?
It was made as result of an EU settlement that only lasted about 5 years. https://en.wikipedia.org/wiki/BrowserChoice.eu
I have absolutely no idea why they figured 5 years would be good enough.
The idea is it gives enough time for competition to establish and then everyone completes on an even footing without fettering the original monopoly after it’s no longer a monopoly in that space… arguably it worked as Chrome took over but all that’s happened it it made a new monopoly 🤷🏻♂️
When was that?
This is one of those things that is great in theory, but proper execution is going to be hard
Why? In windows you already have a dozen selection screens during installation, just adding one for the browser would be a huge deal.
OEMs could just install every popular browser.
What determines a popular browser?
Would smaller browsers like LibreWolf make the cut? What is the prerequisite? Should every small fork of a few dozen users be shown?
Should security patch speed and security defense be shown? What about number if CVE’s
Which order are they shown in?
Do they have descriptions, and how do you accurately describe the difference in web browsers in a short description?
Should Firefox mention they’re the only non-Chromium browser engine, and should it be grouped by browser engines instead?
Is it really diverse if they’re all just Chromium skins?
If Firefox is going to be buried at the bottom of the list, is that really as fair as the first one in the list?
What about if they unfairly resize their Edge browser as half the screen and preselect it as a default, while making the alternatives smaller and harder to see at a glance for people that just want to go quickly through the options.
How do you accurately describe what the browser defines “private” as?
At what point is the user too informed or too little informed? You don’t want to information overload.
This is why it’s more complicated then just “show every popular browser”.
There’s not really much here that isn’t pretty easily solved. Alphabetical order, descriptions yes, written by each vendor. Yes Firefox would be required to be listed since it’s one of the handful not based on chromium. Design literally is just solving these exact kinds of problems and it happens every day, no need to make it a harder problem than it is.
I can’t wait to start using Aardvark browser.
Alphabetical order
A problem since a lot just choose the first or last.
https://www.sitepoint.com/european-browser-choice-today/
https://www.sitepoint.com/microsoft-fix-their-non-random-browser-choice-screen/
If they really wanna provide options they can.
It is a hard problem, for all the reasons I listed lol. Alphabetical order would be a terrible idea, browsers would be punished because of their name. Randomized order would be better. Obviously Firefox would be there, that doesn’t even need to be stated. This isn’t easily solved, and we do not have browser neutrality or anything close to it in any form or platform. How does your solution help against the blink monopoly that is killing the internet?
These are things you need to figure out, there’s no “no need to make it harder problem than it is” when it comes to designing these very important things. That’s just how you have straight up bad design that isn’t thought out.
If you want to compare to how app stores do it, which are still no neutral at all, they still are constantly changing. Mobile app stores recently got the privacy nutrition label, some desktop ones have the same for security. Install base is going to skew numbers. Imagine putting Palemoon as an option and not giving massive security warnings all over the product page. Should there even be a product page for just one selection screen?
As someone who struggles with decision paralysis all the time, you obviously get that but much worse.
And yes you are 100% making this harder than it is.
“This is how you get bad design”
Ok and your way is how we get complete inaction
All of that points are valid questions to be solved for an implementation. I want to add another one: Which part of the users profit from this?
Most users don’t give a fuck which browser they use as long as it’s working. They cannot comprehend most information you described in your questions and want a simple solution. The other part of users usually knows how to install and select a browser of their choice on a PC. After all it’s not that hard with the current OS choices available anyway.
I agree, mostly. let OS have a default choice; sure, even make it not uninstallable (as a failsafe so that noone accidentally ends up with no browser whatsoever). but also FORBID them from ever automatically switching back after user makes their choice and FORBID them from prompting the switch in any place in the OS. opt-out is opt-out, not opt-out-but-maybe-will-change-my-mind-at-some-point-or-just-misclick. and this doesn’t only go for browser. any “restore microsoft recommended settings” should be fucking banned. if I want to open my PDFs in sumatra, I want it to stay that way and not be prompted to use fucking edge for that. sure, ask my once whether I’m sure about it. but that’s it
I remember there was a debate over iOS sideloading and someone made a very good point. Apple can lock me out of their eco-system, stop updates, void warranty. but let users use their fucking devices as they wish.
So, Chrome and Edge? No thank you.
Firefox would obviously also be included.
Maybe even brave and opera too.
It’s a shame Opera dumped their in house rendering engine, but it’s understandable when the
market leadermonopoly keeps making changes that are hard to keep up with… not to mention the “Not compatible with your browser” stuffA shame Opera is a privacy nightmare sending data directly to China!
That’s not so obvious to me. Companies might refer to usage statistics to exclude the ones you mentioned.
top 5 is a common metric
Not really. We already did it with BrowserChoice.eu, just do it again. Just this time don’t cancel it. It doesn’t need to be perfect, as anything is better than what we have today.
One issue I can think of is that, if you list “all browsers,” most are still chrome under the hood, thus stacking the seemingly “equal” choice.
They could make groups based on enginey and then randomly shuffle those. And within those either list browsers by popularity or again shuffle.
Would also help to educate people how little actual choice there is
Can’t read the article (Cloudflare blockade).
In principle there needs to be pushback on the power of defaults for sure. Yes, all the options are shit anyway, but that’s in part due to the #powerOfDefaults.
We were here before when Internet Explorer 6 was the dominant browser.
It didn’t reduce the usage of IE. People just pick what they know in those screens.
Lol I think I will have to stop using internet.
We could all start using search engines that filter out the shitty websites. But then what’s left? Ombrelo¹ filters out the Cloudflare sites which only scratches the surface of web deshitification & results are often less than one screen. So in effect, you’re right. The free world is getting so small we might as well unplug.
Despite numerous choice screens, we’re still here 30 years later bringing up this shit every few years.
🤦♂️ 30 years you’ve all been arguing default browsers.
Maybe stop using Windows?
I like the idea, but the reality is business simply can’t. Too much stuff just isn’t available on Linux (e.g. CAD), and small business can’t afford the maintenance/support costs (Linux isn’t anywhere near as turnkey as Windows).
Then there’s training costs/lost productivity to unfamiliarity.
I’d love to help people move away from MS, I’m trying to for my personal laptop, but it’s a challenge even for me, a near-40 year IT egghead (my first programming assignment was Fortran on punched cards).
My biggest barrier is OneNote. Nothing I’ve tried comes close to what it can do, anywhere near as easily. Obsidian is the front runner, and I find it clumsy and convoluted in comparison. Though the devs are working hard on it, even building tools to migrate from OneNote.
Now imagine trying to teach people who don’t understand how Windows works to use any flavor of Linux. End users really have no idea how stuff works, and shouldn’t - their abilities lie in doing things I have no idea how to do.