Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Do you have a suggestion for how the GDPR site could implement this differently so that they wouldn't need a cookie footer?

Well, it's a information-only website, it has no ads or even a login, so they don't need to use any cookies at all. In fact if you look at the page response in the browser dev tools, there's in fact no cookies on the website, so to be honest they should just delete the cookie banner.





At https://commission.europa.eu/cookies-policy_en#thirdpartycoo... you can see the list of 3rd party cookies they use (and are required to notify about it).

     You Tube
     Internet Archive
     Google Maps
     Twitter
     TV1
     Vimeo
     Microsoft
     Facebook
     Google
     LinkedIn
     Livestream
     SoundCloud
     European Parliament
In theory, they could rewrite their site to not require any of those services.

reply


This is why the EU law was nonsense. Many of those cookies listed are just because of they want embed things like YouTube or Vimeo videos. Embedding YouTube to show videos to your users is massively cheaper and easier than self hosted video infrastructure. The idea that the GDPR's own website just implemented GPDR "wrong" because they should just avoid using cookies is nonsense and impractical.

reply


The other part of the point I was trying to make that if there's a different technological solution to cookie banners, the europa.eu sites are not demonstrating it. Instead, companies that don't do it that way get fined for some inadequacy in their approach.

Thus, I hold that the GPDR requires cookie banners.

---

Another part to consider that if videos (and LinkedIn for job searches and Google Maps for maps and Internet Archive for whatever they embed from there) are sufficiently onerous 3rd party cookies ("yea, we're being good with our cookies, but we use 3rd party providers and can't do anything about them, but we informed and you accepted their cookies")... then wouldn't it be an opportunity for the Federal Ministry of Transport and Digital Infrastructure https://en.wikipedia.org/wiki/Federal_Ministry_for_Transport or similar to have grants https://www.foerderdatenbank.de for companies to create a viable GDPR friendly alternative to those services?

That is, if the GDPR and other EU regulations weren't stifling innovation and establishing regulatory capture (its expensive to do and retain the lawyers needed to skirt the rules) making it impossible for such newer alternative companies to thrive and prosper within the EU.

Which is what the article is about.

reply




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: