Ever since the General Data Protection Regulation (GDPR) [Wikipedia | Official text] was enforced on 25 May 2018, the majority of websites I visit has welcomed me with privacy-related popups, prompting me to either accept or reject their cookies. Of course, in 99.9% of cases, advertising trackers are involved. The blurb provided in the popup dialog typically says something along these lines:
This website uses cookies to personalise content, provide custom experiences, target ads, to provide social media features and to analyse our traffic. Etc.
The really infuriating thing is that in most cases the user interaction of such popups is designed in such a way as to make the rejection of said cookies hard to discover or unnecessarily complicated for the user. Basically, you’re given the ‘easy path’ — Accept all cookies or the ‘necessary’ cookies with just one click and the popup is dismissed; or you can choose the ‘hard path’ — Click to expand the popup dialog box or to go to a entirely different page that provides a most detailed list of cookie options you can enable/disable according to your needs and wants.
You may say this is laudably transparent: the website gives you a great amount of fine-grained customisation for the cookies and trackers you want to enable or disable. I say this is employing a dark-pattern-style behaviour to make the visitor choose the path of least resistance.
Accepting everything is the quickest, easiest way to access a website, and since most of the time this dynamic happens when a visitor is following a suggested link to an article or video, all the visitor wants to do is to read that article or watch that video as soon as possible. So they accept the shit cookie and the website has managed to maintain the pre-GDPR status quo of abusive tracking with minimal effort, while doing nothing wrong on paper. A lot of these popup cookie prompts proudly proclaim: We value your privacy. Bullshit.
Here are some examples.
In my opinion, this is how it should be done. Now, I don’t know for certain that clicking on I do not accept will effectively disable unwanted cookies, but from a user experience standpoint, this is acceptable behaviour in my book. Whether you accept or do not accept, the process is one single click. If you want to know more, you click on the More Options or Show Purposes links. But sadly, at least in my experience, these prompts are in the minority.
A lot more frequently, you’ll find things like these:
If you click Got It, the window is dismissed and you can access Macworld. If you click Settings, you get this:
At least the user interface is clean. But it’s still a mess of nested settings and options you have to go through and toggle individually.
Other times, you don’t even get the clean interface:
Here, if you click on Cookie Details, you can enable/disable entire categories of cookies, but the information about each cookie is presented in a very geeky way that’s hostile towards non-tech-savvy people:
The interface is intentionally cramped, the text font size is small, you have to scroll through a lot of details, and the ‘Necessary’ category cannot be disabled anyway, so you’ll always allow a minimum of tracking when you finally click on Continue with Recommended Cookies. This template, as far as I know, isn’t specific of the website I was visiting — I have encountered it many times on other sites. That’s why you don’t see the website name in this example.
But wait, there’s worse:
Here we have three different examples where only the Accept option is featured prominently. If you want to exercise your right to disable privacy-abusing stuff, you first have to click a link (which sometimes is very clearly indicated, other times it barely stands out from the rest of the text block), and then you’re directed to a Privacy Policy page where you hopefully will find something to disable after going through a wall of text that in some instances looks like a EULA. In the three examples above, TIME seems to just shower you with a selection of links you can visit to ‘get more information’, ‘explore your options’, blah blah blah.
Again, I ended up with this popup on my face simply because I wanted to read an article on TIME after following a link on Twitter. And I was using my iPad. Imagine when this happens and you’re on your phone, in a coffee shop or while commuting. You don’t want to read the fine print or tap on small checkboxes. You want to read the damn article. You tap Continue, go on your merry way, and get fucked in the process. No, let’s use a tech term of my own coinage here: you get trackfucked.
So here’s what I do
If I’m given a 1‑click option to Accept or Reject cookies, I’ll just click on the Reject option. If I’m made to jump through stupid hoops to revoke my cookie consent, I’ll click on Accept, or Continue, whatever. Why? Because I have a full arsenal of content blockers that will block this shit anyway. Among the blockers I happily use on my devices are:
- uBlock Origin (see also the Wikipedia entry, that explains how uBlock Origin and uBlock are two different things). Note to vintage Mac fans: If you’re using TenFourFox to browse the Web with your PPC Mac, you can easily install the Firefox uBlock Origin extension. (Same with Ghostery below).
- Better by Ind.ie
- Ghostery
- AdBlock Plus
- The Brave browser, which has a lot of ad- and tracker-blocking features enabled by default.
There are more, of course, but these represent a very good starting point and offer a faster, track-free, less resource-demanding browsing of today’s Bullshit Web.