Cookie Consent, Tracking and What is Possible and What not?
Because of some shady, greedy company, Germany is facing now the same Cookie Consent Banner hell, like every other European country.
What happened? I don't know! I know there are bad actors who are trying to get consent for a bunch of 3rd party cookies and newsletter subscription and what not, using dark patterns, like pre-checked checkboxes and unclear copy. That's how it always has been.
They got dragged to court and now we have this ruling to ask for consent to set some types of cookies. This leads us into an UX/UI hell with more or less sublte warning signs asking visitors for consent to set cookies. And visitors? Most of the time they don't know and don't care.
I do care, that's why I use Ad- and Content Blockers. I try to control what's getting stored on my computer.
While I applaud the decision to put some checks onto these bad actors, it makes my life as a webdeveloper, the life of my clients and of the user harder.
What do we need to get consent for?
Mainly tracking cookies, that identify you to some sort statistics software.
Why tracking software?
My clients use a selfhosted version of matomo. If you use matomo reasonable, you check in once in a while, see how many visitors, what is popular, where did they came from.
If you try to analyze a certain problem, how customers get from A to B or what kind of login is easier for users in A/B tests, you take a closer look.
Heck, in rare cases you want to be able to follow the history of a user who reported a problem, in trying to find the timeframe, when they used your website.
That's it. There is no desire to target single users, sell their data or do anything shady. In the worst case you put candy at the checkout (oldest trick in the book) or make it easier for customers to find what they are searching for.
I would consider this kind of semi-anonymous tracking the same as a store clerk observing customers. See if they need help, what they find attractive, recognize if they steal.
It's not that we want to video tape them and connect that video to a credit-card number and send it to some commercial partner or the government.
So what is the problem with setting a cookie?
I have still no idea. Ther person at the checkout remembers me and that I buy once a week. Does that need an Opt-in?
Does this real-life example make any sense?
- let me track my visitors semi-anonymously with a self-hosted version of any kind of analytics software
- take privacy in your own hands and don't rely on unpractical and uniformed decisions by government (or get experts on board if you come up with this kind of ruling)
- punish bad actors and not just everybody.