So last year, the European Union enacted a new privacy law called the General Data Protection Regulations (GDPR) that give users more control about their privacy settings (handling of cookies etc..), and that come with the threat of heavy fines for non-compliance starting at up to €10 million, or 2% of the worldwide annual revenue of the prior financial year, whichever is higher. Small blogs like CNX Software will never make that kind of money over the course of their life time, but we must still comply. After discussing with other bloggers, I activated Quantcast Choice plugin for European users last year in order to be in compliance to the best of my knowledge.
That means the first time a European user visits the website he/she should be presented with the following window to either accept the default use of cookies, or click on “Show Purposes” to either decline all cookies and or select which vendors are allowed to store cookies. For most users that’s just a one time thing, and as I understand they have to re-confirm every few months (6 months?). But some users add a plugin – such as the EFF Privacy Badger – to disable tracking in their web browser, which is all fine and good, except the QuantCast Choice plugin stores your privacy settings in a cookie and Privacy Badger prevents the cookie from being stored, which results in the QuantCast GPDR popup to be disable for each and every page, and makes browsing on the website a pain.
I had one or two persons report this type of issue when I enabled it last year, and reported the bug to the plugin developers, which promised to look into it. But there’s no solution so far, and in the last week, I received an angry tweet, a polite email, and an informative Google+ conversation about Quantcast GDPR Popup. So I decided to look into it, enable BrowserSec VPN to browse CNX Software from a European Location, and install Privacy Badger. I could reproduce the issue easily after deleting the cookies.
I found a workaround, which may or may not be acceptable to everyone, but I found that after enabling Cookies for the four consensu.org domain above solve the issue. Users still get to have most tracking disabled, and are able to browse CNX Software without having the GDPR popup show up for every single page loads. Let me know if you have a better solution.
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress
What I was hoping for, but what did not work for me, is that after enabling the cookies and accepting I could disable those cookies again in privacy badger, but as said that did not work for me…
I suspect PB also blocks read access to the cookies.
Hi,
I realized after contacting, that it was indeed privacy badger that caused the troubles.
I delayed sending another mail because I was ashamed..
You’re amazing
No need to be ashamed, I only found out after discussing with Rene in Google+.
Reminds me that G+ is about to fold…
It will get worse on March 7th when G+ notifications won’t work.
That’s why I moved on on MeWe as well.
Theres also another way to stop receiving GDPR popup on every time you open this (and many other) webpages.
You can block the consensu scripts with uMatrix plugin. It even blocks that scripts by default.
Such a fine grained control of every webpage you visit can be a little bit annoying tho…
Or move away from Europe and its shitty bureaucracy which instead of protecting users against abuses annoys everyone and forces everyone to leave cookies everywhere just to say they don’t want cookies. And yes I’m in Europe and thanks to GDPR now I probably leave twice as many cookies as before.
GDPR is indeed a textbook example of self-voiding measure.
Bureaucrats rarely consider the unintended consequences of their regulations.
The motivation may well be intended to benefit people, but sometimes the result makes things worse.
As to “sites” moving away from Europe, there are quite a number of significant sites in the USofA (including some major newspapers) which now refuse to show any content to European browsers because they have no intention (so far) of implementing the necessary GDPR software.
So thanks to the GDPR, European readers have had content effectively “censored” — a far cry from the original intent of a free and open exchange of information over the internet.
It’s really amazing to read that ! In France, we have since 1978 the CNIL that protect people against abuse of their personnal informations. GDPR is an extent of rules from the CNIL, with even more strict use.
If some web sites refuse to show their content to EU browser, it’s a really good thing because that mean they are using your personnal informations in a way that violate every rules in your country. That mean collecting data, seliing them to everyone, keeping them forever, using them to track your full navigation, etc… And blame yourself when you see the Cambridge Analytica data scandal, that should alert you about what a compagny could do with large set of informations. Feel free to think it’s not a bad thing and just accept all cookies, but leave the choice to other to refuse that. I’m very happy with the GDPR, it’s a minor pain for webmaster and a great move forward to defend users.
That’s a logical fallacy.
If a site refuses to deliver content to a EU geoiped browser, that means that the owners of the website decided that benefits from EU visitors do not outweigh the costs of implementing and maintaining compliance or possible fines.
While it covers a lot of sleazy, but legal in their jurisdiction adtech enterprises, truly malicious actors rarely care much about fines.
Anyway, as Aliexpress, Joybuy, Banggood and most other China-based sites with not that overpriced ICs are not GDPR-compliant and probably won’t be in the foreseeable future, this topic is a bit moot.
Hello, I’d like to point out that under GDPR users are infact not supposed to be asked to opt out. Further expectation of privacy and opting out is the default and users should not be forced to give consent to anything and access to a service cannot depend on the consent – which is what these pop ups have wrong. You might like to have a look at https://noyb.eu/4complaints/ which also includes legal analysis.
This is by no means meant to criticize, just to provide this info in good faith. Thanks for writing such good informative blog.
These rules are written by people who have never seen a computer in their life, let alone a piece of code running on it. They have no idea what a cookie is, how tracking works, when it’s a technical requirement (server affinity) or used for privacy abuses, but what they can do is write laws which affect our experience of the net. The next expected outcome of these stupidities will be that large sites like google will give up, blocking access from europe, replacing the search page with an explanation of the stupidity of GDPR and the list of the people who created it, and then everyone will be encouraged to contact their local politicians to get rid of these dinosaurs and regain access to the net. I wouldn’t be surprised if VPN operators sell more *since* GDPR!
You are totally wrong. And the Quantcast choice plugin is badly configured in many (if not all) website like in Cnx-software. The popup should show on the main page 2 options, “refuse everything” and “accept everything”. GDPR rules are very clear about this.
I’m sorry but I don’t want my web experience to be summarized to what it currently is : having to click popups everywhere to read the most basic information on anything. It’s fun to see that the people who defend this need for popups are often the same who used to fight popup ads in the past for the same reason : they make the web unbearable. People are biased it seems.
I thought you are outside of EU, have no business in eu and are not especially targeting European users, so I think you could just ignore gpdr? After all its a European Union law and not a world police law?
see https://www.gdpreu.org/the-regulation/who-must-comply/
“Two primary groups of entities must therefore comply with the GDPR.
Firms located in the EU
Firms not located in the EU, if they offer free or paid goods or services to EU residents or monitor the behavior of EU residents”
And if you as an eu resident use services not meant for you? LOL EU follows the US in their vision of world domination 😉
A bit off topic but privacy related…
1. Is BrowserSec comparable to the well known Express VPN or NordVPN?
2. Given VPNs are speed killers, how about smartDNS for geo-unlocking?
Any DIY tutorials for setting up smartDNS?
I heard that smartDNS servers don’t handle data traffic so can save big on egress data bills for VPS, but don’t know how it all works.
I don’t have the exact answers to your questions, but for reference, I’m using BrowserSec because it’s free, and easy to enable/disable within the browser.
I was getting the popup every day, now it seems fixed.
I use stock Firefox but block 3rd party cookies and have tracking protection on. I also block some tracking through local DNS.
Almost all sites that use this popup still give me trouble.