**Bálint** @szbalint@x0r.be · May 30, 2018, 06:56

**Bálint** @szbalint@x0r.be · May 30, 2018, 06:56

Bálint @szbalint@x0r.be

So many sites do:

“Here are cookie, advertising, tracking policies. Here is an OK button.”

After not clicking the ok button but attempting to continue:

“You must agree to our tracking policy”

That is explicitly not allowed/illegal under GDPR.

American companies including the Washington Post really have a damn hard time wrapping their head around that an agreement means you can decline to agree to it, and GDRP says refusing to be tracked is not grounds for a site to refuse service.

**Jigme Datse Yli-Rasku** @JigmeDatse · 2018-05-30T07:53:44Z

Jigme Datse Yli-Rasku @JigmeDatse

@szbalint If it is "essential to the service" apparently they can refuse the service.

It simply doesn't make sense to me either. If you want to log in, it is practically impossible to do without the use of cookies. But much of the other things that people (at least people in the know) would like to be able to opt out of, are not essential.

"domain privacy service" is *not* essential to the service. You shouldn't be opting people *in* in the name of complying with GDRP.

May 30, 2018, 07:53 · Web · 1 · 2