I'm sure someone in the ad industry will tell you that the internet is powered by ad revenue, it's what keeps it free and open, what makes services better.
There are other business models, it depends on what you're building. For a while almost everything coming out of SV was destined to be advertising real estate. Now I think there's more interesting businesses going on. We'll keep strip mining attention to push plastic trinkets into container ships, certainly. Probably no stopping that.
For plastic trinkets, at least 3D printing has this recycliability to it. PLA-only prints can be broken down into PLA filament with the right machinery. It's not home desktop machinery, but the theory is there.
Constant tracking isn't necessary for advertising, it's a choice. So is hiding the extent of this tracking from the user. If the user doesn't understand the full scope and impact of the "payment" then the business model is akin to loansharking. Those people also take the deal without realizing it will cost them a finger.
How many fields obscure the form of payment, the amounts, the methods when you purchase a good or service? You're oversimplifying and glossing over the real issues.
If it was as simple as "there needs to be a form of payment" and nothing else mattered, then any form would be justifiable.
I think the blog author is misinformed about the session id? If you use that for marketing purposes, you need cookie prompt. The GDRP says only necassary cookies, if you also reuse the login cookies for purposes. It's not longer necassary right?
Otherwise it'd be so blatant loophole, you can only use cookies for their intended purposes and not reuse for them other purposes. I remember some details when i needed a way to prioritize user traffic via cookies, since lots malicous traffic dont have cookie storage, as long i didnt retain the cookie ID used for load balancing, as all information would be lost on reboot of haproxy process. I didnt need cookie prompt, but if i also used that for other purposes like visitor tracking, then I'd need cookie prompt even before setting the cookie.
If you are tracking people without a lawful basis (e.g. consent), you are violating the GDPR. It doesn't matter if you use cookies. (The article does mention this towards the end.)
It's not (just) GDPR and TFA mentions that as soon as they move on from Cookies, ie point 2 on local storage:
"This buys you nothing. Article 5(3) of the ePrivacy Directive".
They clearly have a product to sell but the article seems balanced and offers a good list of commonly used/proposed techniques that are not quite compliant.
As you alluded, there're more lawful basis than consent, one of most common ones being technical necessity to mitigate abuse.
Right, but even if you have a lawful basis for processing the data to collect aggregate statistics (which the article mentions), the GDPR still doesn't allow you to process the data for unrelated purposes such as advertising, which is usually what cookie banners are about. If you're using cookies strictly to implement the expected functionality of the service, there's no problem to begin with - you don't need any banners in that case.
How many fields obscure the form of payment, the amounts, the methods when you purchase a good or service? You're oversimplifying and glossing over the real issues.
If it was as simple as "there needs to be a form of payment" and nothing else mattered, then any form would be justifiable.
Otherwise it'd be so blatant loophole, you can only use cookies for their intended purposes and not reuse for them other purposes. I remember some details when i needed a way to prioritize user traffic via cookies, since lots malicous traffic dont have cookie storage, as long i didnt retain the cookie ID used for load balancing, as all information would be lost on reboot of haproxy process. I didnt need cookie prompt, but if i also used that for other purposes like visitor tracking, then I'd need cookie prompt even before setting the cookie.
Im not lawyer, but thats how I understood.
If you are tracking people without a lawful basis (e.g. consent), you are violating the GDPR. It doesn't matter if you use cookies. (The article does mention this towards the end.)
"This buys you nothing. Article 5(3) of the ePrivacy Directive".
They clearly have a product to sell but the article seems balanced and offers a good list of commonly used/proposed techniques that are not quite compliant.
As you alluded, there're more lawful basis than consent, one of most common ones being technical necessity to mitigate abuse.