"Interesting that this site itself may use one of the described patterns."
Is it really interesting, though. For example, we have seen this as a very common retort in HN comments every time an author is critical of advertising, tracking/analytics, etc. Someone points out the author's site itself uses the thing being critiqued.
Is that supposed to detract from the argument being made by the author. That does not make much sense.
It is a bit like another common retort we see in discussing tech company behaviour: "But everyone else is doing it." Does that make it OK. Or one we see when discussing regulatory action: "They should be focusing on X not Y." Don't look here, look over there.
I am highly skeptical of comments that try to leverage these tactics. The message is what it is. Whether or not it is valid does not depend on who is voicing it, where it appears, or what's going on somewhere else. This is pure misdirection.
This paper might be a worthwhile read. It makes little sense to pre-judge it before reading, simply because it appears on ACM's website, and ACM's website developers try to get users to enable cookies. What if the paper is re-posted on a site with no Javascript and that does not try to set cookies. Does the content of the paper then become "legitimate". Why or why not.
It is easy to retrieve this paper without using cookies, from another site. For example,
Not trying to single out this one comment. It's fine. The paper is not really arguing for or against banners and other notice and consent mechanisms, just studying their use. I cannot even see the banner because I use a text-only browser.
The most interesting paragraph in the paper IMO is the last one. They ask why the client, e.g., through browser settings, cannot be in control of the legal consent mechanism. What if clients were to sed an additional HTTP header to indicate whether or not the user consent to cookies. For example, Allow-Cookies: no.
The online advertising companies have apparently fought against this, e.g., the DNT header. If you enable DNT in one popular browser deployed by an advertising company you get this ridiculous warning message. Why the heck is it a big deal if the user controls the headers sent and the server has to honour them. When you read RFCs about www development they always make it sound like clients and servers on are equal footing. The reality is quite different. These companies want to control how a user "consents".
If it's so hard to do the right thing that someone who apparently both cares and understands the problem space still messes it up, then the issue is more fundamental than education.
Is this somehow suggesting nonprofits are less liable? I was quite shocked to read an article that gave a weekend sports team as an example of an organization that was maintaining GDRP protected data, basic the list of their team members
Is it really interesting, though. For example, we have seen this as a very common retort in HN comments every time an author is critical of advertising, tracking/analytics, etc. Someone points out the author's site itself uses the thing being critiqued.
Is that supposed to detract from the argument being made by the author. That does not make much sense.
It is a bit like another common retort we see in discussing tech company behaviour: "But everyone else is doing it." Does that make it OK. Or one we see when discussing regulatory action: "They should be focusing on X not Y." Don't look here, look over there.
I am highly skeptical of comments that try to leverage these tactics. The message is what it is. Whether or not it is valid does not depend on who is voicing it, where it appears, or what's going on somewhere else. This is pure misdirection.
This paper might be a worthwhile read. It makes little sense to pre-judge it before reading, simply because it appears on ACM's website, and ACM's website developers try to get users to enable cookies. What if the paper is re-posted on a site with no Javascript and that does not try to set cookies. Does the content of the paper then become "legitimate". Why or why not.
It is easy to retrieve this paper without using cookies, from another site. For example,
https://web.archive.org/web/20210305175101/https://dl.acm.or...
PDF: https://web.archive.org/web/20200701025846if_/https://dl.acm...
Not trying to single out this one comment. It's fine. The paper is not really arguing for or against banners and other notice and consent mechanisms, just studying their use. I cannot even see the banner because I use a text-only browser.
The most interesting paragraph in the paper IMO is the last one. They ask why the client, e.g., through browser settings, cannot be in control of the legal consent mechanism. What if clients were to sed an additional HTTP header to indicate whether or not the user consent to cookies. For example, Allow-Cookies: no.
The online advertising companies have apparently fought against this, e.g., the DNT header. If you enable DNT in one popular browser deployed by an advertising company you get this ridiculous warning message. Why the heck is it a big deal if the user controls the headers sent and the server has to honour them. When you read RFCs about www development they always make it sound like clients and servers on are equal footing. The reality is quite different. These companies want to control how a user "consents".