The "Accept all" button is often the standard for cookie banners. An administrative court has ruled that the opposite offer is also necessary.

The “Accept all” button is often the standard for cookie banners. An administrative court has ruled that the opposite offer is also necessary.

Lower Saxony’s data protection officer Denis Lehmkemper can report a legal victory in his long-standing battle against manipulatively designed cookie banners. The Hanover Administrative Court has confirmed his legal opinion in a judgment of March 19 that has only just been made public: Accordingly, website operators must offer a clearly visible “reject all” button on the first level of the corresponding banner for cookie consent requests if there is also the frequently found “accept all” option. Accordingly, cookie banners must not be specifically designed to encourage users to click on consent and must not prevent them from rejecting the controversial browser files.

  • rumba@lemmy.zipEnglish
    210·
    18 hours ago

    Just a bunch of idiots that have no idea how shit works.

    If they can reject all, but can’t stay logged in after trying to navigate the site, who’s fault is that?

    but I can already here, but you can work around that

    Guess what? The workaround is tracking. we’re just re-inventing cookies.

      • rumba@lemmy.zipEnglish
        1·
        14 hours ago

        Cookies are used for all sorts of critical things other than tracking. Right now with the current methods of accept all cookies or accept only necessary cookies is fine. All this is going to net is a bunch of uninformed people clicking reject all cookies and then it’s filing support tickets that they can’t log in.

        • gedhrel@lemmy.worldEnglish
          4·
          14 hours ago

          Accept all, one click. Accept only necessary: typically involves turning somersaults.

          The ruling is about the latter.

          • rumba@lemmy.zipEnglish
            1·
            12 hours ago

            Requires turning some somersaults but leaves you with a viable product. Allow them to reject all and just let it break?

            • AnEilifintChorcra@sopuli.xyzEnglish
              1·
              3 hours ago

              Cookies can be divided into subcategories and depending on what type they are, they may or may not be covered under this ruling.

              Heres a nice breakdown of what does and doesn’t have to be included in the reject all option https://gdpr.eu/cookies/ and also a bit of info about the ePrivacy directive that seems to be what the TDDDG law is based on.

              So websites with competent cookie management shouldn’t break if a user “rejects all”