this post was submitted on 19 Oct 2023
2315 points (97.5% liked)

Technology

60071 readers
3674 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 year ago (2 children)

The only thing Google needs to do now to make it legal is to force a prompt asking for your consent where if you disagree you are completely blocked off from the site.

GDPR does not allow this.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

That doesn't appear to be correct.

Executive Summary
• Ad blocker detection is not illegal, but might, under a strict interpretation of the ePrivacy Directive be regulated and require the informed consent of users.

• Depending on the technical implementation of ad blocker detection, such detection may be out of scope of the consent requirement of the ePrivacy Directive, or fall within an exemption to the consent requirement. But the legal situation is not very clear.

• Publishers who use ad blocker detection should update their privacy policy to
include use of ad blocker detection scripts.

• Publishers may want to err on the side of caution and obtain consent for the use of ad blocker detection scripts to preempt and avoid any legal challenges.

• Publishers could obtain consent by slightly modifying their existing compliance mechanisms for the use of cookies as the possible new consent requirement
emanates from the same law mandating consent for the use of cookies.

• Publishers could use two practical solutions to request and obtain consent for
the use of ad blocker detection: a consent banner or a consent wall.
Publishers could also make use of a combination of the two to complement
each other.

Source

[–] [email protected] 0 points 1 year ago

I was going to reply, but lemmy.world admins decided to ban my account there suddenly and delete my complete comment history because of some criticism to their terms of conduct (hence why the comment you replied to is empty in some instances)... luckily I noticed as I was about to respond to your reply, saving it in the process when it didn't seem to go through. Without further adeu, and keeping in mind that I am not a legal expert:

That's true for cookies, but I'm not so sure it is true for this. I could be completely wrong, so I've tried searching for more answers, and from what I've gathered, it's not even something that all EU states agree with. According to EDPB Guidelines there is something known as "permissible consent". What you are referring to is discussed in this point:

In order for consent to be freely given, access to services and functionalities must not be made
conditional on the consent of a user to the storing of information, or gaining of access to information
already stored, in the terminal equipment of a user (so called cookie walls)

But when you are talking about ads, you aren't just talking about information stored or access to it, you are talking about a commercial transaction, between the person paying the service to put up the ad so that someone views it, who in essence is paying a part of your subscription. This can still exist even when you've refused targeted marketing, so only permissible incentive (seeing ads that may be more relevant to you) is lost in that regard, meaning you still have a genuine choice. But I'm no expert if that's how the law applies.

It really gets nebulous, and I'm not seeing a clear answer in the EDPB guidelines, but it does say this in one of the examples it gives:

As long as there is a possibility to have the contract performed or the contracted service delivered by this controller without consenting to the other or additional data use in question, this means there is no longer a conditional service. However, both services need to be genuinely equivalent.

The only obligation on behalf of YT might be that the user is aware of and agrees to the contract and the collection of personal data, "accessing information already stored on an end user's terminal equipment" for the purpose of fulfilling contractual obligations.

In short, it's not that cut and dry. It's the reason why you can't access Netflix without paying. It's the reason you have a cheaper Netflix service if you accept ads.