Google is redirecting me to a "consent" page - is it new or just me ?

[R.Wieser]

Hello all,

Recently while trying to google something I've been getting redirects to a
"consent.google.com" page in relation to how I want to have my private data
to be used [1]. (the answer to which is: in no way at all)

Question: has anybody else come across the above and knows more about it ?
Possibly including how to skip/suppress it ?

I've been able to get rid of it a few times by closing the browser (which
throws away all cookies) and opening a new one, but just now that trick
didn't work instantly anymore - had to leave some time between closing and
opening the new one, meaning I could be looking at that (nagging)
time-in-between becoming longer-and-longer ....

[1] With ofcourse the "no" choice leading to a page where all the tickboxes
are ticked, and I have to untick them one-by-one - in short, a "no" choice
which leads to a "yes, unless" page. I wonder if the "yes" choice goes to
a page where all tickboxes are *un*ticked, but for some reason I don't think
I will go and try it)

By the way: FF with JS disabled, and cookies set to session-only.

Regards,
Rudy Wieser

P.s,
I know of and have been using DDG too.

P.p.s.
Lol. I tried to post this into this as well as the 7 and 10 newsgroups, but
got a "forbidden crosspost" error back. I already wondered why this
newsgroup got so few crossposted messages recently. Now I know. :-)

[Paul in Houston TX]

I have never gotten that Google request or anything like it.

[gfre...@aol.com]

Just don't use google.

[R.Wieser]

Charlie+,

> it means they dont know who you are

After having used them for a decade thats rather hard to believe.

> and your avoidance to Google harvesting all your data has
> been successful!

Nah. Although I block all kinds of trackers they should have no problem
with harvesting all my search queries and extract lots of info from that.

> Move to StartPage.com as your browser search page would be
> my suggestion to you.

Really ?

I went to their "privacy policy" page (duh)

https://www.startpage.com/en/search/privacy-policy.html

and the first thing I got was this, overlaying the whole page (blocking me
from even seeing what their policy is !) :

[quote]
ENGLISH:
JavaScript appears to be disabled in your web browser. To complete the
CAPTCHA, please enable JavaScript and reload the page.
[/quote]

in multiple languages.

So, I *first* have to enable JS (not going to happen) *and* go thru a
captcha (not going to happen either) to be allowed to read what their
privacy policy actually is ? They must be joking. :-(

And a captcha on their *privacy policy* page ? What the fuck do they think
they have in there that needs to be protected that way ?

[quote from that page]
With Startpage you can search and browse the internet privately. *Not
because you have something to hide, but because you have a lot to protect!*
[/quote]

And the first thing that they demand is that I enable JS ? They *got* to
be kidding.


Also, looking thru that "privacy policy" they double-talk (lie?) quite a
bit. As a result if that and the above I do not quite trust them.

Thanks for the suggestion though.

Regards,
Rudy Wieser

[R.Wieser]

Paul,

> I have never gotten that Google request or anything like it.

Up until recently, neither did I.

Regards,
Rudy Wieser

[R.Wieser]

gfretwell,

> Just don't use google.

With it returning less-and-less relevant "hits" (and those drowning in
lots-and-lots of unrelated crap) I am already looking at other search
engines. :-)

Regards,
Rudy Wieser

[R.Wieser]

Charlie+",

> Fair enough! I did give up eventually on not using js!

I'm a person with low requirements and as a result have yet to encounter a
JS infested website that /I/ need.

But when that happens I will probably grab myself a Raspberry Pi and use one
Micro-SD card per unavoidable website.

The problem is not even that they use JS. More often than not you can work
around it. The problem is that they try to block access to the information
you need to be able to accept their "terms of usage" (of sorts). That
feels rather shady. Or stupid, which might even be worse. :-)

And by the way : the JS requirement and captcha answering on that privacy
policy page is fully bogus. In my case I just disabled CSS (which is a
two-click operation on FF) and I could read the whole thing anyway.
<whistle>

Regards,
Rudy Wieser

[JJ]

Google used to work fine even before it's infected with JS. From advanced
search, unsafe search, verbatim search, to specifying the date range of the
results. Everything were done without JS.

Now... almost everything needs JS. And the worst thing is, due to JS
infection, Google has become pure evil. Tracking their users. And the sad
thing is, almost all websites help Google track everyone by using Google
analytic, tag manager, and other craps. Sure, such services help website
growth and development, but the website owners are not aware of the
implication of using Google services, or just downright don't care at all.

Those "consent" pages or popups are a joke. They're more like a confirmation
page/popup for asking users whether they want to use the service **and** be
tracked, or... get the hell out.

[R.Wieser]

JJ,

> Google used to work fine even before it's infected with JS.

For me (with JS disabled) it still seems to work fine ...

> From advanced search, unsafe search, verbatim search, to
> specifying the date range of the results. Everything were done
> without JS.

... that is, it doesn't seem to matter if I search from its front page, or
go to the "advanced search" and put my keywords into the "all these words:"
box. In both cases I get a *lot* of "hits" that do not even seem to be
related to the keywords I used. :-(

Though a "-" prefix to a word still seems to dependantly do its thing :
excluding that word. Go figure. :-(

> Those "consent" pages or popups are a joke. They're more like
> a confirmation page/popup for asking users whether they want to
> use the service **and** be tracked, or... get the hell out.

As I have disabeled JS I do not see such popups. Ever.

And you know, I've encountered /very few/ website which did put an
intermediate "consent" page up (mostly of the kind you described, but which
is actually forbidden under the "cookie law"), and actually consider them
being the "good guys" under he bad ones : You actually get a choice.

Most of them just put a sticky top or bottom "banner" up which bluntly
states that "by using our website you agree to whatever we want" - which is
ofcourse illegal (no information about how your info is used, no choice,
yadayadayada).

As such neither means anything in a legal sense. But as the gouverments of
the different European countries (including mine) seem to love grandstanding
by creating laws - but than refuse to uphold them those websites can stil
say and do whatever they please.

At some point I've just added some GM scripting to automatically remove all
kinds of sticky stuff (removing those and other "you must see this all the
time!" crap) - just so I could enjoy seeing the whole window again.

Regards,
Rudy Wieser.

[Paul in Houston TX]

Duckduckgo.com
No JS needed.

[R.Wieser]

Paul,

> Duckduckgo.com
> No JS needed.

:-) I've got a local browser start page with "go find that shit" input
boxes for both Google and DDG.

And I have to give it to DDG, their result pages are clean enough that my GM
page scrubbers have very little to do on them (just removing the few "ads"
entries).

If-and-when that consent redirection keeps nagging I might just put DDG at
the top ...

Regards,
Rudy Wieser

[J. P. Gilliver (John)]

On Wed, 31 Mar 2021 at 23:08:44, Paul in Houston TX <Pa...@Houston.Texas>
wrote (my responses usually follow points raised):
[]
>Duckduckgo.com
>No JS needed.

How is DDG funded?
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Life, liberty and the happiness of pursuit!

[Les Wollen]

R.Wieser wrote:

> Recently while trying to google something I've been getting redirects to a
> "consent.google.com" page in relation to how I want to have my private data
> to be used [1]. (the answer to which is: in no way at all)
>
> Question: has anybody else come across the above and knows more about it ?

You are in the EU where the GDPR [Datenschutz-Grundverordnung] applies.
Google has had the fear of GDPR driven into it. Google must now ask for
your consent when it wants to use your private data.

You are asking people who are not in the EU and where the GDPR does not
apply. Google will simply use their private data without asking. They
will not see the consent page.

> Possibly including how to skip/suppress it ?

Use a VPN which makes you appear to be in (say) North America where the
GDPR does not apply.

Those who don't get asked, will get their private data used by Google
without asking. That is the cost you will pay to suppress it.

It would be foolish to equate not being asked for consent with not
having your private data used.

> I've been able to get rid of it a few times by closing the browser (which
> throws away all cookies) and opening a new one, but just now that trick
> didn't work instantly anymore

> By the way: FF with JS disabled, and cookies set to session-only.

In the past, Google's general approach to Google settings was to save
your Google preferences in cookies on your browser. (When you throw away
cookies, you have to re-enter all your Google settings again.)

These days, Google is moving to requiring everyone to log in to Google
to have their Google settings remembered on Google's servers.

[Mayayana]

"J. P. Gilliver (John)" <G6...@255soft.uk> wrote

| How is DDG funded?

This seems to be the deal:

DuckDuckGo makes money in two simple ways: Advertising and Affiliate
Marketing. Advertising is shown based on the keywords typed into the search
box. Affiliate revenues come from Amazon and eBay affiliate programs. When
users buy after getting on those sites through DuckDuckGo the company
collects a small commission.

If you'll recall, Google became a giant by posting text-based
ads next to search results. Clean, simple, useful, honest, brilliant.
But then they got greedy and it never stopped.

DDG uses Bing results, so they don't need to have a search
engine. That's also why they're not as good as Google. I use
Google occasionally. It doesn't require script. Though it often
tries to track me by giving me a rigged URL in links that goes
through their site. They don't give webmasters that data anymore,
but they still collect it for themselves.

[R.Wieser]

Les,

> Google has had the fear of GDPR driven into it.

Than that fear has not been driven deep enough into them, as it also states
that it may *not* be used as an entry-blocker ("cookie wall") - which it now
has been set up as.

Also, I've just gone thru that consent -> change page (which does some
doubletalk about the(ir) usage of cookies) and selected all "No"s. The
looking at the google.com -> consent cookie ot contains a largely unreadable
string (identifying me as a person?) starting with "YES+". I don't know
about you, but that doesn't look kosher to me ...

> Use a VPN which makes you appear to be in (say) North America
> where the GDPR does not apply.

Lol. Just clicking "I agree" (just do anything with my data you wish)
would than be a lot easier. :-)

I was more thinking of the availability of some kind of an url argument to
convey my choice.

And by the way, I've gone thru that "consent" page (selecting all "no"s
ofcourse) and now get redirected to "consent.youtube.com" - which I have
never used on this (work) 'puter and is even domain-blocked on it. IOW, I
can't even progress. :-|

> These days, Google is moving to requiring everyone to log in to
> Google to have their Google settings remembered on Google's
> servers.

That would be a bit of a problem, as I just use their search engine, and
nothing else. (no facebook or other "social media", no "google groups",
nothing)

Regards,
Rudy Wieser

[JJ]

On Thu, 1 Apr 2021 15:30:37 +0200, R.Wieser wrote:
>
> Lol. Just clicking "I agree" (just do anything with my data you wish)
> would than be a lot easier. :-)

They doe it even before we clicked "I agree"/"Yes" anyway.

The GDPR doesn't protect visitors, it protect the websites (from being
sued).

[Paul in Houston TX]

J. P. Gilliver (John) wrote:
> On Wed, 31 Mar 2021 at 23:08:44, Paul in Houston TX <Pa...@Houston.Texas>
> wrote (my responses usually follow points raised):
> []
>> Duckduckgo.com
>> No JS needed.
>
> How is DDG funded?

Nearly all of my searches are work related and Google is still the best
for technical stuff. I search maybe 20 times per day.
The first 50-100 results at DGG wants to send me to Facebook but if I
add -facebook then the results are about 50% as good as google.
However, google will not return results for free online movies, whereas
DGG always returns quite few good free links. DGG seems to have an "in"
with FB.

[VanguardLH]

"R.Wieser" <add...@not.available> wrote:

> Than that fear has not been driven deep enough into them, as it also states
> that it may *not* be used as an entry-blocker ("cookie wall") - which it now
> has been set up as.

That's what "consent" is all about. *YOU* have to consent to allowing
them to create a cookie for your web session -- but that doesn't mean
you have to retain their cookie after exiting your web browser (Firefox
lets you purge all locally cached data on its exit, Google Chrome
requires an extension, like Click&Clean, and C-Edge has its purge on
exit setting).

Google is showing you a redirected web page. Many sites use an overlay
that you have to Okay to remove. GPDR doesn't say how the visitor is
informed, only that they be informed.

> Lol. Just clicking "I agree" (just do anything with my data you wish)
> would than be a lot easier. :-)

Agree, and then delete all cookies (and other locally cached data, like
DOM Storage) when exiting the web browser. Of course, that means the
cookie won't be there on your next visit, so you'll get queried again.
Ain't GPDR so grand. Glad I don't live there; however, many US sites
are employing GPDR notification, because they're a worldwide enterprise.

I purge all localled cached data by the web browser on its exit. Yep,
that means I have to enter my login credentials every time I revisit a
site where I have to login to an account.

[R.Wieser]

VanguardLH,

> That's what "consent" is all about. *YOU* have to consent to
> allowing them to create a cookie for your web session

Lol. Trolling much ?

Regards,
Rudy Wieser

[Mayayana]

"VanguardLH" <V...@nguard.LH> wrote

| Google is showing you a redirected web page. Many sites use an overlay
| that you have to Okay to remove.

That's getting worse and worse. I suspect in the US
they're being used as just one more way to force script.
I typically just switch to no-CSS. But I think I'm going to
start making a list of classes to hide in userContent.css.
I suspect a lot of sites are using standard templates.

[R.Wieser]

"R.Wieser" <add...@not.available> wrote in message
news:s4fbkg$19c0$1...@gioia.aioe.org...

> VanguardLH,
>
>> That's what "consent" is all about. *YOU* have to consent to
>> allowing them to create a cookie for your web session
>
> Lol. Trolling much ?

By the way, the above was the best of three : the other possibilities are
that you have no clue what the GDPR law stands for, or that you are
willfully misrepresenting it. But as I'm an "all around good guy" (yeah,
right :-) ) I gave you the benefit of the doubt.

And for the off chance that you simply have no clue : session cookies - as
part of the "functional cookie" group - are excluded from the GDPR
requirements.

The rest of your post didn't do any better.

Regards,
Rudy Wieser

[R.Wieser]

"R.Wieser" <add...@not.available> wrote in message

news:s4idh8$1ka3$1...@gioia.aioe.org...

> And for the off chance that you simply have no clue : session cookies - as
> part of the "functional cookie" group - are excluded from the GDPR
> requirements.

I put that wrong : They are not /excluded/, but as (long as) those cookies
do not contain PII the GDPR has nothing to say about them.

Regards,
Rudy Wieser

[rmani...@gmail.com]

if it worked as you wanted in an older version then downgrade, you can get on sites as oldapps or portablesapps
im on v89 but you can also try chrom dev or canary and see if the same issue

[R.Wieser]

<rmani...@gmail.com> wrote in message
news:0ec7ba84-5d43-428c...@googlegroups.com...

>
> if it worked as you wanted in an older version then downgrade, you
> can get on sites as oldapps or portablesapps im on v89 but you can
> also try chrom dev or canary and see if the same issue

I think you misunderstood the question. The problem is not to access a
random website, but that Google has put up a mandatory "consent" page which
intercepts and than blocks all my attempts to do some searching.

Regards,
Rudy Wieser

[VanguardLH]

"R.Wieser" <add...@not.available> wrote:

> "R.Wieser" <add...@not.available> wrote ...

>
>> And for the off chance that you simply have no clue : session cookies - as
>> part of the "functional cookie" group - are excluded from the GDPR
>> requirements.
>
> I put that wrong : They are not /excluded/, but as (long as) those cookies
> do not contain PII the GDPR has nothing to say about them.

Session cookies are [supposed to] get erased when the web session exits.
Doesn't always happen. I used "session" incorrectly for those who
understand that term regarding cookies. The cookies they use prevent
further user intervention during the web session. They might be session
cookies. They might be regular cookies. It's their presence during a
web session that dictates if there is interruption on revisit to a site
(i.e., further user intervention required). Whether those remnant
expiring (not session) cookies after a web session get reused in the
next web session with the same site depends on what the site wants to do
with them which means again with the user intervention to grant consent.
With a session cookie, it shouldn't be there in the next web session,
but are there in revisiting a site during the same web session. An
expiring cookie would surive a web session, and be available in the next
web session if the site is revisited. That expiring cookies survive to
the next web session does not guarantee that the user will not be again
interrupted with a consent prompt.

The point of user intervention to grant consent really has nothing to do
with the content of the session or expiring cookie file. They are used
as a means of tracking visitation, and whether or not to interrupt with
a consent prompt. They don't need any personal information at all to be
employed in managing a consent prompt, so they would always be exempt
from the GPDR regulations (unless endpoint tracking is considered
personal information).

"Any information relating to an identified or identifiable *natural*
person ('data subject'); and indentifiable natural person is one who can
be identified, directly or indirectly, in particular by reference to an
identifier such as name, and identification number, location data, an
online identifier or to one of more factors specific to the physical ,
physiologiccal, genetic, mental, economic, culteral or social identity
of that natural person."

So, does use of tracking to an endpoint, a computer, qualify as tracking
a natural person? How can any site validate that only one person uses
the one computer as the endpoint host that connected to that site? It
can't hence the legal indemnification used by sites to overtly request
consent by visitors. It's not that they are required by GPDR. It's
them covering their legal ass should the vaguities of GPDR be judged
against a site as a violation.

Oh, as far as whether cookies have personal content within, I didn't
find that mentioned. Since cookies can be used for tracking:

https://piwik.pro/blog/how-will-gdpr-affect-your-web-analytics-tracking/

Since cookies can be used for tracking of an endpoint (computer), they
can be considered "personal data" if there is potential to single out an
individual. However, the endpoint is singled out, not a natural person.
Companies don't want to bother legally battling the distinction, so they
put out the consent prompt to encompass any possible interpretation
between endpoint host and natural person.

I'm not a lawyer, nor would I ever want to be one, nor do I believe are
you. But just casual perusing of the GPDR shows it isn't that clear,
and why any judgement of violation for a particular case would require a
court case rather than mandates from some overreaching document.
Companies enlist lawyers to give suggestions of preventing liability.
Tis simple 'nuff to shove a consent form at visitors to nuisance them
rather than determine interpretation in court. The same shit happened
regarding Usenet access by ISPs when a New York state attorney simply
threatened court action for just having Usenet access due to the kiddie
porn back then. Gave the ISPs an excuse to drop Usenet. That was their
cheapest, easiest, and best indemnification against legal action.
Shoving a consent prompt into their visitors' faces was also cheap and
easy indemnification instead of determining their liability in court.

[R.Wieser]

VanguardLH,

>>> And for the off chance that you simply have no clue : session cookies -
>>> as part of the "functional cookie" group - are excluded from the GDPR
>>> requirements.

...

> Session cookies are [supposed to] get erased when the web session exits.

And that has .... what to do with GDPR consent ?

Mind you, *you* where the one who started to blabber about "have to consent
to allowing them to create a cookie for your web session". Which is
bullcrap.

[Snipping some "water is wet" stuff about how "session cookies" work]

> The point of user intervention to grant consent really has nothing
> to do with the content of the session or expiring cookie file.

Bingo.

So, what was that "allowing them to create a cookie" all about ?

> They are used as a means of tracking visitation, and whether or
> not to interrupt with a consent prompt.

Hmmmm ... So your stance is that I should re-enable long-lived cookies, so
Google can store an *absolutily unreadable* cookie on my personal 'puter
that, the next time I visit, tells them they should not store tracking
cookies on my 'puter ...

... accepting the fact that I cannot read that cookie *and* that someone,
Google or not, could "forget" *not* to put an tracking cookie on my 'puter
and have it live upto-and-beyon my next visit ?

I don't think so.

Kiddo, my choice is that they, apart from session-bound short-lived
"functional cookies" store /absolutily nothing/ on my 'puter.

I've got a cinema in my town. It doesn't expect me to carry a "no
admittance" ticket around so they can check and by it stop me from entering.
I'm sure that Google can come up with a similar system.

IOW, the absense of a consent cookie means they do not have consent.

It *can* be as simple as that. But that doesn't give Google "a foot in the
door", now does it ? So it won't happen ... unless they are forced. I
can only hope that GDPR turns out to be a bit more solid than DNT.

Regards,
Rudy Wieser

[VanguardLH]

And why I use StartPage (was ixQuick). It uses the Google search
engine. Google always has more hits total and more relevant, for me,
than does Bing, so I have StartPage as the default (and DDG as an
alternative).

Rather than bother with the drop-down list on a search to use the
default or alternative search engines present there, I defined bookmarks
in a Search subfolder in my Bookmarks with URLs to the search engines
(followed by %s as a placeholder for my search text) along with keywords
in each bookmark. "g firefox" uses Google to search on "firefox". "s
firefox" uses Startpage. "ddg firefox" uses DuckDuckGo. "b firefox"
uses Bing. And a whole slew of other bookmarks with keywords for other
searches, like "gm <addrs>" for Google Maps, "gn <topic>" for Google
News, "gi <whatever" for Google Images, and so on, and the same for
search types using other search engine sites, like "yt <whatever>" to
search Youtube, "imdb <title>" to search the Internet Movie Database,
and "dict <word>" to search at Dictionary.com. However, those are handy
for use in the address bar. I can use subfolders in my Search bookmarks
folder to group them, like all Google bookmarks are under a Google
subfolder, a Bing subfolder, References for lots of ref sites
(dictionary, IMDB, newspapers, etc), and so on.

I also add the Selection Context Search extension to give me a context
menu of search engines. It uses the same bookmarks for searching by
keyword that I already created under the Search bookmark folder, and
shows the same hierarchy of subfolders for grouping the bookmarks. I
can select some text in a web doc, right-click, and pick where to search
on the text. In my Search bookmarks folder, I have 30 bookmarks with
keywords (to call using the keyword in the addressbar), or to use with
the extension (to access the search engines on selected text in a web
doc).

I can enter text in the addressbar to use the default search engine. Or
I can select one of the other search engines in a short list. Or I can
use a keyword in the addressbar to directly specify which search engine
to use. Or I can use content selection to pick which search engine to
use on selected text using the context menu.

For deobfuscating URLs, like Google's search hits, or any site that
redirects, I use the Unshort.lnk extension. However, looks like Google
removed that trick of redirection (the URL points to themself to track
the destination, and their server then takes you to the redirected site
specified in a url= argument in the URL) a while ago. I haven't seen
the redirection URLs for quite a spell with Google searches.

Might've been because scammers figured out how to abuse Google's
redirect feature. See:

https://nakedsecurity.sophos.com/2020/05/15/how-scammers-abuse-google-searchs-open-redirect-feature/

Their goo.gl redirection service can obviously be used by scammers, but
then it was shown that Google's redirection service intended only to
track search results (that were clicked on) could also get similary
abused. I haven't used goo.gl, so I don't know if they provided a means
to report abusive redirection URLs using their goo.gl service. With
other redirection services, like tinyurl.com, you can report abuse and
the service owner gets those malicious redirects killed in a day.
Google killed their goo.gl redirection service back in April 2018. Not
sure when they quit using redirection for tracking their search results.

Apparently Google switched to using the OnMouseDown event to track on
which search results you clicked. That requires Javascript, so that
tracking is killed if you use Google Search with Javascript disabled.

[VanguardLH]

"R.Wieser" <add...@not.available> wrote:

> VanguardLH,

>
>> R.Wieser wrote:
>>
>>> And for the off chance that you simply have no clue : session cookies -
>>> as part of the "functional cookie" group - are excluded from the GDPR
>>> requirements.
>>

>> Session cookies are [supposed to] get erased when the web session exits.
>
> And that has .... what to do with GDPR consent ?

Sites that interject their "Accept (our cookie)" aren't declaring if
they are for session or permanent (expiring) cookies, and they don't
care. GPDR excludes session cookies now, but since when has GPDR been
fixed in stone? That they create ANY cookie is why they present the
prompt. It's their means of legal indemnification now and later.

[R.Wieser]

Vanguard,

>>> Session cookies are [supposed to] get erased when the web session exits.
>>
>> And that has .... what to do with GDPR consent ?
>
> Sites that interject their "Accept (our cookie)" aren't declaring
> if they are for session or permanent (expiring) cookies, and they
> don't care.

Thats a lot of words for saying "nothing". :-)

> GPDR excludes session cookies now, but since when has GPDR
> been fixed in stone?

Lol. Kid, throwing FUD around doesn't score you any points.

Also, the GDPR has never included rules about session cookies, as it isn't
even about cookies to begin with (as you should have be aware of by now).
The clarification of "functional cookes" vs "tracking cookies" was only
added later, to help the more "morinic" businesses/website owners understand
what they could and couldn't do.

Alas, that has not stopped the more nefarious companies to keep yip-yapping
about how problematic it would be to run a website without being allowed to
use cookies, as well as them push the "the GDPR forces us to ask for consent
so we can place a session cookie on your system" narrative towards visitors.

The very same misguided claim you threw around and which got our
conversation started with by the way.

> That they create ANY cookie is why they present the
> prompt. It's their means of legal indemnification now
> and later.

:-) Who is paying you to blabber this kind of propaganda ?

For later ? When was the last time in your country a Law was retroactivily
applied ? For now ? They had ample time (years) to become aware that
(short-lived) "functional cookies" do not fall under the GDPR - and never
can.

No kid, you know well enough why the different companies are trying to put
the GDPR in a bad light by bothering visitors with consent that they
supposedly need to give for even a session cookie - its simply a
multi-pronged attack.

Either the visitor will get tired of ticking all of the the "no" boxes and
just press the "yes"button so they can go on, or will start to take a stand
against the GDPR because of the bullshit those companies have been feeding
them.

And thats besides, as mentioned before, forcing the visitor to (re)enable
long-lived cookies and accept an effectivily opt-out system (by way of a
"no" cookie) for the consent form itself *and* having to accept that such a
"consent" cookie content is unreadable - there is no way to check if it
reflects the made choice(s).

A so called no-lose situation. The only queston is how big the win will
be.

Kid, when you started I considered you to be part of that lattter,
mis-informed (bullshitted to) group. Though currently I get a kind of
'Stockholm syndrome' vibe ...

Regards,
Rudy Wieser

[VanguardLH]

"R.Wieser" <add...@not.available> wrote:

> Also, the GDPR has never included rules about session cookies, as it
> isn't even about cookies to begin with (as you should have be aware
> of by now).

Oh, so YOU decided to mislead with your arguments.

You: session cookies - as part of the "functional cookie" group - are

excluded from the GDPR requirements.

You: They are not /excluded/, but as (long as) those cookies

do not contain PII the GDPR has nothing to say about them.

You: isn't even about cookies

Can't make a decision, can you.

> The clarification of "functional cookes" vs "tracking cookies" was only
> added later, to help the more "morinic" businesses/website owners understand
> what they could and couldn't do.

Verification from you the GPDR was not set in stone. Thank you.

> No kid,

Your insult isn't working. So, post a URL where are you online
credentials as a contract lawyer.

[R.Wieser]

Vanguard,

> Oh, so YOU decided to mislead with your arguments.

Did/do I now ? Lets see :

> You: session cookies - as part of the "functional cookie" group - are
> excluded from the GDPR requirements.

They are excluded from the GDPR *because* ...

> You: They are not /excluded/, but as (long as) those cookies
> do not contain PII the GDPR has nothing to say about them.

... they do not contain PII. The "exclusion" is only given to take the wind
from under the "but we don't know what it applies to and what not" whining
companies wings.

> You: isn't even about cookies
> Can't make a decision, can you.

:-) Lol. You really are trying to grasp (at) straws, arn't you ?
*Claiming* that someone is wrong is easy enough. The remarkable (yeah,
right) thing is that people than, just like you did, go to a full stop, not
even bothering to try to support their "you're wrong" claims. :-p

But, I'll give you a chance : How does "(it) isn't not even about cookies"
contradict the the other two ? Up for it ?

I didn't think so.

>> The clarification of "functional cookes" vs "tracking cookies" was only
>> added later, to help the more "morinic" businesses/website owners
>> understand
>> what they could and couldn't do.
>
> Verification from you the GPDR was not set in stone. Thank you.

Ah yes. I can see how the word "added" in the above quote must have
confused you. But, if you parse the *full* sentence you might notice that
that "added" is about "The clarification", not the Law itself.

Than again, I get the (rather strong) feeling you already knew that, but
where trying to find something, /anything/ you could complain about ...

>> No kid,
>
> Your insult isn't working.

I don't get it, how is calling a kid a kid insulting ? If you do not want
to be referred to as a kid than stop behaving like one.

> So, post a URL where are you online credentials as a contract lawyer.

Ah yes, "if you cannot prove you are talking with authority than you cannot
tell me I'm wrong" joker card.

Alas kiddo, I can tell you wrong on the same authority that you think you
may act as if what you post is right.

The whole difference between you and me is that I can-and-have underbuild my
position and taken yours down, while you on the other hand have done nothing
of the sort. Not underbuilding your own "That's what "consent" is all
about. *YOU* have to consent to allowing them to create a cookie for your
web session" claim, not responded to anything thats wrong with the
consent-cookie method, heck, not even acknowledged it, nothing, nada, zip,
zich.

All you have been doing is to try, one way or the other, get outof the pit
you dug for yourself.

There is as old saying : "Its not the mistake which defines a person, but
how he deals with it".

You made a simple mistake of not knowing much of anything about the GDPR,
but acting as if you did. You had the bad luck of encountering me, an
European who has followed the GDPR a bit , simply because he's affected by
it, and as such has picked up a few things about it.

Your second, *and by far biggest mistake* was not allowing yourself to
acknowledge that you perhaps might have been wrong. The rest just trails
off of that.

I think its a good idea to end our conversation here. You've shown you've
got nothing that I can learn from. Other than perhaps a bad attitude. :-)

Goodbye.
Rudy Wieser

[JJ]

On Mon, 5 Apr 2021 09:51:13 -0500, VanguardLH wrote:
> "R.Wieser" <add...@not.available> wrote:
>
>> Than that fear has not been driven deep enough into them, as it also states
>> that it may *not* be used as an entry-blocker ("cookie wall") - which it now
>> has been set up as.
>
> That's what "consent" is all about.

But the fact is that almost all of them don't actually ask for a consent.
They simply notify us, that cookies will be given for whatever reason they
please. Even _before_ we click that Yes/OK/Accept/Agree button or link.

From what I see, GDPR is meant to _protect_ website owners from being sued
by visitors. It's not meant to protect website visitors.

[Mayayana]

"JJ" <jj4p...@gmail.com> wrote

| But the fact is that almost all of them don't actually ask for a consent.
| They simply notify us, that cookies will be given for whatever reason they
| please. Even _before_ we click that Yes/OK/Accept/Agree button or link.
|

Yes, and they try to block the page until you OK it.
I get a kick out of npr.org. The masters of liberal guilt
trips now show me a page about once per week that
gives me a choice: "You can either accept our cookies
and be a decent person, or you can click "no" and we'll
show you a plain page with a handful of links that lead
to some plain-text news stories we'll allow you to see."

They're trying to make it look like a choice, while
punishing anyone who says no and treating them as
misbehaving children. :)

[R.Wieser]

JJ,

> But the fact is that almost all of them don't actually ask for a
> consent. They simply notify us, that cookies will be given for
> whatever reason they please. Even _before_ we click that
> Yes/OK/Accept/Agree button or link.

I don't think that you, just like VanguardLH, are aware of what the GDPR is
really about. I give you a hint : Its /not/ about cookies.

> From what I see, GDPR is meant to _protect_ website owners
> from being sued by visitors. It's not meant to protect website visitors.

If that where so than just a "who progresses beyond this point" style of
banner or even a small-small-small text at he bottom of the page would have
been enough (shrink-wrap EULAs anyone?). The fact that the GDPR specifies
that the visitor has to be *activily* involved seems to indicate something
different.

Ofcourse, the GDPR is directly opposite the website-owners / companies
stance that nobody is allowed to deny them anything, so they try to trash
it. The mere fact that most all websites sites have a prominent "yes"
button, but no complementing "no" button should tell you enough in that
regard.

Regards,
Rudy Wieser

[JJ]

On Thu, 6 May 2021 15:12:25 +0200, R.Wieser wrote:
>
> I don't think that you, just like VanguardLH, are aware of what the GDPR is
> really about. I give you a hint : Its /not/ about cookies.
>

> If that where so than just a "who progresses beyond this point" style of
> banner or even a small-small-small text at he bottom of the page would have
> been enough (shrink-wrap EULAs anyone?). The fact that the GDPR specifies
> that the visitor has to be *activily* involved seems to indicate something
> different.

So, I noticed.

Should there be a law to disallow anyone from claiming that what they state
is according to a law which in actuality, has nothing to do with what they
claim? (does that make sense?)

> Ofcourse, the GDPR is directly opposite the website-owners / companies
> stance that nobody is allowed to deny them anything, so they try to trash
> it. The mere fact that most all websites sites have a prominent "yes"
> button, but no complementing "no" button should tell you enough in that
> regard.

I never trust websites' and softwares' statements/policies ever since I can
not personally confirm their honestly.

[R.Wieser]

JJ,

> Should there be a law to disallow anyone from claiming that what
> they state is according to a law which in actuality, has nothing to
> do with what they claim? (does that make sense?)

The problem is that most advertisers know quite well how far they can dive
into the "gray area" before it becomes a matter for the Law. But yes, I
would love to see such a law - if it would be upheld. Bad and/or false
advertising is a scourge to customers. :-(

> I never trust websites' and softwares' statements/policies ever since
> I can not personally confirm their honestly.

And you will never be able to. :-\

Companies are /by definition/ a sociopaths : their whole existance is
revolving about making their owners and/or investors money. If they can
get/force you to pay more and deliver less than they will not hesitate.

Than again, there are a lot of people who have no qualms to rob you blind if
they think they can get away with it (will not get caught) ...

Regards,
Rudy Wieser