GDPR doesn’t require them to ask if they would just not violate our privacy. In other words, it’s perfectly legal to assume “no” if they have no means of asking.
The requirement to not track users with cookies does not extend to cookies that make the site work in the first place, such as those which track your login session, or your refusal of other cookies.
CNN: We can’t ask if you want to allow cookies because you’re blocking everything
Me: Which means I don’t want you to……….?
CNN: No idea, we have to ask you.
Me: I’m so strict you can’t even ask meaning………?
CNN: You….
Me: Yes?
CNN: Uh………… don’t want……
Me: Yesssss………
CNN: To miss out on us asking you.
Hello! Would you like to destroy some evil today?
Yes, PLEASE press A a few times on this monster!
A
Thos but unironically. GDPR
GDPR doesn’t require them to ask if they would just not violate our privacy. In other words, it’s perfectly legal to assume “no” if they have no means of asking.
It’s not only legal to assume, it’s a requirement to default to “no”.
Tracking is opt-in.
Indeed. If a site simply doesn’t send you cookies, there’s no question of GDPR compliance. Blocking the cookies amounts to the same thing.
I’m currently wondering if CNN may actually be in violation by doing this.
The requirement to not track users with cookies does not extend to cookies that make the site work in the first place, such as those which track your login session, or your refusal of other cookies.
so don’t track login sessions, etc.
no cookies, no problem with not having asked for cookie consent.
if the site breaks, it breaks, and leaving it broken is a choice users can make.