It would be nice if, unlike GDPR, some veteran UX leaders would be consulted before this legislation was drawn up.
GDPR was well intentioned, but many of the pop experiences are littered with dark UI patterns, and most of those pop up experiences are annoying as hell.
It’s worth re-mentioning this whenever it pops up.
The GDPR does not mandate the cookie pop-up. The GDPR just says that companies cannot gather personal information about you without your consent,
If companies weren’t trying to build a profile about you all the time, they don’t need a banner in the first place. The GDPR is amazing because it makes it immediately obvious which rare companies actually respect you and your right to privacy, due to not needing cookie banners in the first place
As someone from the UX side of the fence, I can assure you that there are a lot of legitimate convenience and or fraud protection reasons for why a company might store PII server side for the user’s convenience. Targeted marketing isn’t the only reason to store identifying information.
Fraud prevention is a legitimate interest and does not need a consent request.
I’m pretty sure that is specifically called out in GDPR. Certainly ICO (UK) has loads of articles on it.
However legitimate interests are often difficult to demonstrate compliance, so it can be easier to rely on consent.
Others have said it already but… That shitty UX experience is the website’s own fault. I suspect many of them make it especially shitty just to spite the legislation.
You shouldn’t assume the contents of the GDPR based on what most companies are doing. It’s not legally consent, if it was not given freely. So, no dark patterns, no coercion, no inaccurate descriptions, nothing. You need to inform the user as accurately as possible and ensure that they choose what suits their interest. Then it’s consent.
It would be nice if, unlike GDPR, some veteran UX leaders would be consulted before this legislation was drawn up.
GDPR was well intentioned, but many of the pop experiences are littered with dark UI patterns, and most of those pop up experiences are annoying as hell.
It’s worth re-mentioning this whenever it pops up.
The GDPR does not mandate the cookie pop-up. The GDPR just says that companies cannot gather personal information about you without your consent,
If companies weren’t trying to build a profile about you all the time, they don’t need a banner in the first place. The GDPR is amazing because it makes it immediately obvious which rare companies actually respect you and your right to privacy, due to not needing cookie banners in the first place
As someone from the UX side of the fence, I can assure you that there are a lot of legitimate convenience and or fraud protection reasons for why a company might store PII server side for the user’s convenience. Targeted marketing isn’t the only reason to store identifying information.
Fraud prevention is a legitimate interest and does not need a consent request.
I’m pretty sure that is specifically called out in GDPR. Certainly ICO (UK) has loads of articles on it.
However legitimate interests are often difficult to demonstrate compliance, so it can be easier to rely on consent.
Others have said it already but… That shitty UX experience is the website’s own fault. I suspect many of them make it especially shitty just to spite the legislation.
I mean it costs money to design for and be compliant with. Doing it properly even more so.
You shouldn’t assume the contents of the GDPR based on what most companies are doing. It’s not legally consent, if it was not given freely. So, no dark patterns, no coercion, no inaccurate descriptions, nothing. You need to inform the user as accurately as possible and ensure that they choose what suits their interest. Then it’s consent.