{"id":10808,"date":"2018-06-10T14:44:16","date_gmt":"2018-06-10T14:44:16","guid":{"rendered":"https:\/\/www.itwriting.com\/blog\/?p=10808"},"modified":"2018-06-10T19:15:41","modified_gmt":"2018-06-10T19:15:41","slug":"manage-your-privacy-online-through-cookie-settings-you-must-be-joking","status":"publish","type":"post","link":"https:\/\/www.itwriting.com\/blog\/10808-manage-your-privacy-online-through-cookie-settings-you-must-be-joking.html","title":{"rendered":"Manage your privacy online through cookie settings? You must be joking."},"content":{"rendered":"

Since the deadline passed for the enforcement of the EU\u2019s GDPR (General Data Protection Register) most major web sites have revamped their privacy settings with new privacy policies and more options for controlling how your personal data is used. Unfortunately, the options offered are in many cases too obscure, too complex and too time-consuming to be of any practical value.<\/p>\n

Recital 32 of the GDPR says:<\/p>\n

\n

Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject\u2019s agreement to the processing of personal data \u2026 this could include ticking a box when visiting an internet website \u2026 silence, pre-ticked boxes or inactivity should not indicate consent.<\/p>\n<\/blockquote>\n

I am sure the controls on offer via major web properties are the outcome of legal advice; at the same time, as a non-legal person I struggle on occasion to see how they meet the requirements or the spirit of the legislation. For example, another part of Recital 32 says:<\/p>\n

\n

\u2026 the request must be clear, concise, and not unnecessarily disruptive to the use of the service for which it is provided.<\/p>\n<\/blockquote>\n

This post describes what I get if I go to technology news site zdnet.com and it detects that I have not agreed to its cookie management.<\/p>\n

Note<\/strong>: before I continue, let me emphasize that there is lots of great content on zdnet, some written by people I know; the site as far as I know is doing its best to make business sense of providing such content, in what has become a hostile environment for professional journalism. I would like to see fundamental change in this environment but that is just wishful thinking.<\/p>\n

That said, this is one of the worst experiences I have found for privacy-seeking users. Here is the initial banner:<\/p>\n

\"image\"<\/a><\/p>\n

Naturally I click Manage Settings.<\/p>\n

Now I get a scrolling dialog from CBS Interactive, with a scroll gadget that indicates that this is a loooong document:<\/p>\n

\"image\"<\/a><\/p>\n

There is also some puzzling news. There are a bunch of third-parties whose cookies are apparently necessary for \u201cour sites, products and services to function correctly.\u201d These include cookies for analytics and also for Google ad-serving. I am not clear why these third-parties perform functions which are necessary to read a technical news site, but there we are.<\/p>\n

I scroll down and reach a button that lets me opt out of being tracked by the third party advertisers using zdnet.com, or so it seems:<\/p>\n

\"image\"<\/a><\/p>\n

I want to opt out, so I click. Some of the options below are unchecked, but not many. Most of the options say \u201cOpt out through company\u201d.<\/p>\n

It also seems pretty technical to me. Am I meant to understand what a \u201cDemand Side Platform\u201d is?<\/p>\n

\"image\"<\/a><\/p>\n

I counted the number of links that say \u201copt out through company\u201d. There are 63 of them.<\/p>\n

I click the first one, called Adform. Naturally, the first thing I see is a request to agree (or at least click OK to) their Cookie Policy. <\/p>\n

\"image\"<\/a><\/p>\n

I click to read the policy (remember this is only the first of 63 sites I have to visit). I am not offered any sort of settings, but invited to visit youronlinechoices<\/a> or aboutads.info<\/a>.<\/p>\n

\"image\"<\/a><\/p>\n

Well, I don\u2019t want anything to do with Adform and don\u2019t intend to return to the site. Maybe I can ignore the Adform Cookie Policy and just focus on the opt-out button above it. <\/p>\n

\"image\"<\/a><\/p>\n

Currently I am \u201cOpted-in\u201d. This is a lie, I have never opted in. Rather, I have failed to opt out, until I click the button. Opting out will in fact set a cookie, so that Adform knows I have opted out. I am also reminded that this opt out only applies to this particular browser on this particular device. On all other browsers and\/or devices, I will still be \u201copted in\u201d. <\/p>\n

OK, one down, 62 to go. However scrolling further down the list I get some bad news:<\/p>\n

\"image\"<\/a><\/p>\n

In some cases, it seems, \u201cthis partner does not provide a cookie opt-out\u201d. The best I can do is to \u201cvisit their privacy policy for more information\u201d. This will require a search, since the link is not clickable.<\/p>\n

How to control your privacy<\/h3>\n

What should you do if you do not want to be tracked? Attempting to follow the industry-provided opt-outs is just hopeless. It is mostly PR and attempting to tick legal boxes.<\/p>\n

If you do not want to be tracked, use a VPN, use ad blockers, and delete all cookies at the end of each browsing session. This will be tedious for you though, since your browsing experience will be one of constant \u201cI agree\u201d dialogs, some of which you may be able to ignore, or others for which you have to click I Agree or endure a myriad of semi-functional links and settings,<\/p>\n

Maybe the EU GDPR legislation is unreasonable. Maybe we have been backed into this corner by allowing the internet to be dominated by a few giant companies. All we can state for sure is that the current situation is hopelessly broken, from a privacy and usability perspective.<\/p>\n","protected":false},"excerpt":{"rendered":"

Since the deadline passed for the enforcement of the EU\u2019s GDPR (General Data Protection Register) most major web sites have revamped their privacy settings with new privacy policies and more options for controlling how your personal data is used. Unfortunately, the options offered are in many cases too obscure, too complex and too time-consuming to … Continue reading Manage your privacy online through cookie settings? You must be joking.<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1522,75,1519],"tags":[739],"class_list":["post-10808","post","type-post","status-publish","format-standard","hentry","category-privacy","category-security","category-tech","tag-privacy"],"_links":{"self":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/10808","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/comments?post=10808"}],"version-history":[{"count":8,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/10808\/revisions"}],"predecessor-version":[{"id":10816,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/10808\/revisions\/10816"}],"wp:attachment":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/media?parent=10808"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/categories?post=10808"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/tags?post=10808"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}