jakemor

Every time we visit a GDPR compliant site, we are greeted with the all too familiar (yet far from homogeneous) popup asking us to either accept or deny the site's privacy policy and cookie behavior.

I'd like to point out how this law is hurting the web.

When the onus is on the developer to ask a user for permission, the user is forced to trust the developer. For example when a website asks me if they can store cookies in my browser, and I say no, there is no easy way of me knowing if that site is actually listening to me.

Wouldn't it be cleaner if the burden was on the browser to ask us for permission?

In iOS for example, the operating system asks you if you'd like to grant an app access to your camera... not the app itself! Imagine we had to blindly trust an app to not use our camera, without any help from Apple. Mayhem!

Instead, the EU mandates that developers ask permission. Developers place a stupid looking div filled with legal jargon on their homepage. We roll our eyes and click accept. Good actors (who respected our privacy in the first place) continue to respect our privacy. Bad actors continue to ignore it.