back to article IAB Europe's ad consent popups pose privacy problem

Online popup solicitations that seek consent for targeted ads in Europe represent personal information, according to the Court of Justice of the European Union (CJEU) – a decision characterized as either a "mortal wound" for online ad tracking, or a welcome clarification, depending on whom you ask. On Thursday, the CJEU upheld …

  1. Flak
    Mushroom

    Shut it all down, please

    The term 'charade' is used in this article, which is not strong enough.

    It is a murky morass.

    We are pestered several times a day by these stupid popups which are still designed to beat us into submission (consent). They are not transparent! Who reads the long list of companies under each category, let alone understands who they are or what they do - and what they do with 'your' data?

    And more recently the notion that you also consent to 'legitimate interest', adding further sliders you have to undo (I thought that was illegal already).

    Solution:

    Make 'no consent' the default and not require removing consent from legitimate interest categories. Have a button on a website where the operator can put forward all the arguments why someone should consent. And if someone continues to browse, they don't...

    Simple. And overdue.

    Oh - and what happens in the UK???

    1. Jellied Eel Silver badge

      Re: Shut it all down, please

      Oh - and what happens in the UK???

      At least one Brit is asking themselves how to find/block/spoof the "TC Strings" generated by their devices. Why this isn't a default OS or browser choice is somewhat puzzling, as is a generic opt-out for all stalking and tracking garbage.

    2. heyrick Silver badge

      Re: Shut it all down, please

      Long list of companies? Due to a potentially unlawful "interpretation" of the rules (my opinion), the French authorities have allowed for users to be given a choice to "accept all this tracking" or "pay/subscribe". There's no free choice possible so I don't know what mind twisting is necessary to think that is acceptable.

      At any rate, a site I briefly stopped by (comment ça marche) had a pop-up that explained this and stated what would be done with my information and cookies placed on my machine by both them and their 275 partners.

      Fuck that noise, I hit back so hard the shock wave created a singularity.

      1. Anonymous Coward
        Anonymous Coward

        Re: Shut it all down, please

        I'm pretty sure that you're right in that it is illegal. I thought that the judgement was that a choice has to be free and "otherwise you pay" isn't a real choice.

        I've only seen this once on a French site... but I don't visit that many to be fair.

        1. Anonymous Coward
          Anonymous Coward

          Re: Shut it all down, please

          The DPRs of France, Germany (only some states as far as I can tell), Spain, and Denmark have all okayed cookie walls.

          Austria has ruled against them.

          1. Cloudseer

            Re: Shut it all down, please

            The Netherlands also ruled against them.

      2. Throgmorton Horatio III

        Re: Shut it all down, please

        "Fuck that noise, I hit back so hard the shock wave created a singularity."

        No sarcasm intended - how DO you hit back? Surely the choice is to walk away or accept, and that's it.

        1. heyrick Silver badge
          Happy

          Re: Shut it all down, please

          The little arrow that points me back to whence I came.

          (but, yeah, could have worded it better)

      3. heyrick Silver badge

        Re: Shut it all down, please

        and their 275 partners

        I can top this. TVGuide.co.uk says:

        "We and our 449 partners store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products."

        Four hundred and forty nine! WTAF.

        Thankfully "Reject All" is two taps away, as if that is anything more than a placebo.

        1. An_Old_Dog Silver badge

          Re: Shut it all down, please

          Then you have the easy/cheap/free website generator ("wix.com", et. al.) whose generated websites greet one with the message, "You must enable cookies to view this website", and/or, "You must enable Javascript to view this website."

          Those companies won't change because (a) they want a share of that ad revenue, and, (b) their customers typically don't care; most of them probably don't even understand enough about how the Internet works to even begin to care ("I get my Internet through the big blue-and-green "e" button that's on my desktop. What's 'Javascript'?").

        2. Anonymous Coward
          Anonymous Coward

          Re: Shut it all down, please

          You missed another 103 under 'special purposes'/'security and fraud prevention', 88 more under 'special purposes'/'deliver and present ads and content'... and a shed load more under 'features', where they combine data from different sources and link your various devices... none of which are covered by 'reject all'

  2. Mike 137 Silver badge

    But here in Blighty ...

    'either a "mortal wound" for online ad tracking, or a welcome clarification'

    The current proposal in the UK (the Data Protection and Digital Information Bill) is to scrap the need to obtain consent, so apparently the problem is quite easy to "solve".

    1. Flak

      Re: But here in Blighty ...

      Another Brexit benefit.

      Open for business & stuff the consumer.

    2. Graham Cobb Silver badge

      Re: But here in Blighty ...

      I use the Firefox feature which allows me to open all websites (except a few I set up as exceptions) in a new, unique, empty container. So any cookies a site set just get discarded.

      That doesn't stop them tracking me by IP address, but I take other precautions against that (by changing the IP address of my browsing proxy at least every day).

      What forms of tracking have I still missed?

      1. An_Old_Dog Silver badge

        Re: But here in Blighty ... [Other Tracking Methods]

        * Browser/system fingerprinting - what fonts you have installed, CPU, OS and OS version, browser, browser version, etc.

        * Supercookies.

        * MAC address of your PC (your REAL MAC address, not the one you told your OS to spoof)

        ? Can you configure your Android or iOS phone to use your browser proxy? And, after having done so and rebooted, if a site then requests your MAC address, does it get that address from your browsing proxy, or from your smartphone?

        1. heyrick Silver badge

          Re: But here in Blighty ... [Other Tracking Methods]

          "if a site then requests your MAC address"

          There's your problem right there. No browser should be handing out that information.

          1. An_Old_Dog Silver badge
            Devil

            Re: But here in Blighty ... [Other Tracking Methods]

            No, the browser should not be giving out that information.

            See solution #2 to "how to get client mac address in all browser" https://www.codeproject.com/Questions/1002604/how-to-get-client-mac-address-in-all-browser

            1. Graham Cobb Silver badge

              Re: But here in Blighty ... [Other Tracking Methods]

              Doesn't work (the 1-star rating of the answer is probably a clue to that). However, feel free to post a URL here which, if I click it, will display my MAC address. I will let you know if it works. I'll even allow Javascript to run.

              Fingerprinting is, indeed, a problem but I use several Firefox plug-ins to defend against that.

              I can't comment on phones - I don't do any significant web access from them.

              1. Strahd Ivarius Silver badge

                Re: But here in Blighty ... [Other Tracking Methods]

                Have a look here Navigateur & Système d’exploitation for some information that any site can retrieve easily.

                But the MAC address, as far as I can say, is not something that is available outside of our local network.

      2. Cloudseer

        Re: But here in Blighty ...

        Browser fingerprinting

  3. heyrick Silver badge
    Mushroom

    a "mortal wound" for online ad tracking

    Kill it with fire.

  4. Pascal Monett Silver badge

    "deal a mortal wound to the online tracking-based advertising industry"

    Yeah. I believe in Santa Claus as well.

    I only wish it could be true, but experience tells me that fucking assholes full of money generally get their way, whatever the law says.

  5. Ashto5

    Aliens

    Best nuke it from space, it’s the only safe way

  6. frankster

    One trust consent popups are a clear offender. One click to accept all, but a hidden UI and multiple clicks to refuse consent.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like