WTH is this shit?!

edit: for those wondering, the setting can be found under Settings -> Privacy -> GDPR for the EU version only I think

  • krigo666@lemmy.world
    link
    fedilink
    English
    arrow-up
    92
    arrow-down
    3
    ·
    edit-2
    1 year ago

    The dialog shown does not comply to the GPDR. Makes it very difficult and time consuming to reject cookies and consent, according to the GPDR it has to have an option to do it quickly. This just a giant dark pattern dialog to make users give up.

    • WimpyWoodchuck@feddit.de
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      edit-2
      1 year ago

      For me, everything was disabled once I opened the dialog options. Legitimate interest was still enabled, but that’s compliant to the GDPR.

      • Murvel@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        edit-2
        1 year ago

        ‘Legitimate interest’ consent for ad-tracking, as the settings state is not compliant with GDPR. ‘Legitimate interest’ consent bare bones and for security and other essential functions only, not ads.

      • Gamey@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        It’s questionable, thechincally yes but most who ever use it try to fit all of the tracking in that too and I think that’s not as clear

      • SoaringDE@feddit.de
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        1 year ago

        But wouldn’t “Confirm my Selection” reject all? It seema as though anything not necessary for proper functioning is diaanled unless you press enable all or manually enable some of them?

        • Gamey@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          1 year ago

          Legidimate interest usually means almost everything is enabled but it’s sadly often not even against the GDPR, just scummy af!

    • dnzm@feddit.nl
      link
      fedilink
      English
      arrow-up
      16
      arrow-down
      3
      ·
      1 year ago

      Not just “should”, the GDPR actually requires it. Not giving consent must be an easy option, not this dark pattern clickfest bullshit.

  • Kyle@lemmy.ca
    link
    fedilink
    English
    arrow-up
    76
    arrow-down
    9
    ·
    edit-2
    1 year ago

    I’m saddened at the amount of uncivilized discourse going on in this thread.

    You can actually talk about these bugs and development with the developer on discord, and also submit reports and suggestions on GitHub.

    Saying things like “fuck this” and “uninstalling” about a beta that has had at least 2 versions updated today is the same kind of useless discourse I’d expect with failed protests on Reddit.

    Here is a more civilized critique of one of the gdpr functions on GitHub. https://github.com/laurencedawson/sync-for-lemmy/issues/200

    Perhaps you can make a new issue about a reject all button as well.

    Edit- this response is to the commenters here, not op. OP made a well formatted and polite issue on GitHub.

    • usernotfound@lemmy.ml
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      13
      ·
      1 year ago

      If its uncivilised to uninstall an app because it’s bugs are invading your privacy, then I don’t want to be civilised. If anything, I’m doing the author a favour by telling them why I’m using their competitors.

      • bluefirex@lemmy.world
        link
        fedilink
        English
        arrow-up
        21
        arrow-down
        3
        ·
        1 year ago

        There is a big difference between “WTH is this shit” and “This is a reason for me to use another app”.

        • usernotfound@lemmy.ml
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          9
          ·
          edit-2
          1 year ago

          I agree that “fuck this” might be a bit too strong for some people, I don’t think there’s anything wrong with “uninstalling”, as long as the reasoning behind it is mentioned.

          Edit: I see now that you’re talking about hypotheticals, because nobody in this thread is doing that.

  • Double_A@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    64
    arrow-down
    7
    ·
    1 year ago

    This is the most asshole design for those dialogs. If it doesn’t have a “Deny all” button, fuck you.

  • usernotfound@lemmy.ml
    link
    fedilink
    English
    arrow-up
    64
    arrow-down
    11
    ·
    edit-2
    1 year ago

    Why is it called “Revoke consent”? Consent was never asked during setup, so how can it be revoked?

    Edit: oh great. It doesn’t even save your settings for objecting to “Legitimate interest”. Uninstalled.

    It’s ironic, because the companies who claim to have a legitimate interest in tracking my behaviour are the ones I want to block from tracking me most of all.

    • BrainisfineIthink@lemmy.one
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      Highly recommend thunder or Connect as well if you aren’t satisfied with liftoff. I’ve used all (I think?) The android apps and those two go back and forth for my favorite. Thunder looks slickest but connect is the most stable and easy to navigate imo.

  • SuperIce@lemmy.world
    link
    fedilink
    English
    arrow-up
    34
    arrow-down
    5
    ·
    1 year ago

    You can’t even revoke consent in the US. I’ll be sticking with Thunder instead of Sync for Lemmy.

  • Wet@lemmy.world
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    5
    ·
    1 year ago

    I guess it’s more of a Google’s fault, but still, having to spend 10 minutes to Reject all is insane.

    I’ve uninstalled it, sticking with Connect and will also give Thunder a try. Loved Sync for Reddit and paid for it gladly, but as it is, I’m out.

      • frenchdresses@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        2
        ·
        1 year ago

        Hm, I’m curious how the law interacts with apps in alpha and beta. Like if an app is brand new and still under development, does it have to follow those laws immediately or is there some leeway because of the app being new

        • usernotfound@lemmy.ml
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Why would it be legal to ignore the law because your product is in alpha or beta? Hell, Gmail was in “beta” for like the first 10 years of its existence.

          • frenchdresses@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I’m thinking more about apps that aren’t released to the public in any way.

            I guess the old use of the word “beta” where things were tested by paid people instead of the public

        • Gamey@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          From my knowledge of the EU as citizen I would say probably not, if they do something exceptions are only made for companies who spend a lot of money lobbying or if public outrage is big enough

        • sanpo@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          It doesn’t matter, app in development can hurt privacy just as well and must follow the same rules.

    • klyde@lemmy.world
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      17
      ·
      1 year ago

      It was a bug you whiny fucking idiots. Fucking stupid people on the internet.

  • FunkyMonkey@feddit.de
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    3
    ·
    edit-2
    1 year ago

    I’m fully for supporting ljdawson and this app - the former version of which I’ve also purchased.

    So, I was really surprised when I saw that the gdpr consent form had some of the worst dark patterns with the opt-out “legitimate interest” for each party.

    The first time I was so excited to have sync again, that I just confirmed selection. Stupid of me. Second time, I spent minutes opting out of each individual party’s “legitimate interest” - after giving consent.

    No idea what this means or if ljdawson knew (he’s the dev though), but this really soured my experience.

    I think I’ll still purchase, but this sucks.

    Edit: I’ve since purchased the ad-free version. I want to give ljdawson the benefit of the doubt and maybe also chalk this up to the beta state. I just quite dislike dark patterns.

    • MinusPi (she/they)@pawb.social
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      Since it’s GDPR, I wouldn’t be surprised if this is a drop-in library or something that uses those dark patterns instead of LJ setting that up himself.

  • plantstho@kbin.social
    link
    fedilink
    arrow-up
    19
    arrow-down
    2
    ·
    1 year ago

    I’m in the US and don’t have the ability to opt-out of these things.

    I used Sync for Reddit for many years but the Lemmy version’s privacy policy is not what I was hoping to see. I would love a clarification around what privacy improvements a subscription might add…

  • Ethalis@jlai.lu
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    1
    ·
    edit-2
    1 year ago

    The two toggles called “Consent” and “Legitimate interest” is one of the most jarring things I’ve seen since GDPR came out. Those are legal basis for processing data, they’re not supposed to shown like that to the user, that just makes no sense.

    User have to opt-in for processing activities that are based on consent, and be allowed to opt-out of processing activities that are based on legitimate interest, but to do that they must know what those processing activities are in the first place!

    Edit: The more I think about it the more it makes my head hurt. What does a toggle just called “consent” mean? Am I opting in for “consent”? Why are they just writing “legitimate interest” without telling what is the interest and why it is legitimate? Complete nonsense