From a first perspective it actually looks good! I think these kind of regulation were really needed. But i would like to hear your opinions!
I think it’s the first law that companies will take seriously as it has % penalty instead of traditional “part of doing business” fine.
GDPR has that, too
But GDPR had severe loopholes. Like not forcing a reject all cookie button
It does force it, if I’m not mistaken. Rejecting all should be as easy as accepting all. The problem is with enforcement.
Google got severely fined for not making the reject all button as easy to click as the accept button. Now YouTube has the reject button 1-click in Europe
Rejecting must be as easy as accepting by law. If there’s an accept all button, there must be a reject all button. Google has taken this approach already.
Sadly, this issue won’t be pressed until enough people file complaints with their DPAs. Many of them are overworked and underfunded by dumb shit already so you should report thr issues you care about
I don’t understand where and how I need to file complaints. I live in France and Belgium, and have encountered several large and popular websites which enforce a “cookie wall”. This does not appear to respect the cookie law.
Every country has their own Data Protection Agency (DPA), which is tasked with protecting their citizen’s privacy. You can file your complaints with them, and after that it’s their job to go after the companies that are in violation. They have to do something about every complaint, but they’re not required by law to start an investigation if they’ve got better things to do. Some dude’s blog placing cookies illegally isn’t worth the effort if a bank may have just leaked thousands of bank statements, for example.
For the Belgian DPA, you can start here. There are specific websites for Dutch, French, and German speakers, but they’ll all end up with the same authority.
I believe the button at the bottom of this webpage should take you to the right complaint form. However, I haven’t read ant French since high school so I’m going by Google Translate here, you may need to click around on the website.
These complaints aren’t lawsuits, so you shouldn’t need any kind of legal assistance, unless the DPA decides not to pursue the issue (I believe you can appeal that decision first, but if they refuse your appeal you’ll have to directly sue the company or the DPA as a last resort).
It should be noted that you’re supposed to file the complaint with your local DPA. I don’t know which DPA is the right for your dual residency status. If either is correct, I believe the CNIL is probably the best option to pick, because I’ve read a lot of success stories from them. However, the Belgian DPA has previously successfully fined multiple websites for their violation of cookie laws.
It would probably be wise to read up on your rights. Cookies are governed by a combination of the GDPR (or rather, your local implementation of it) and the ePrivacy Directive (the “cookie law”). In some cases websites don’t need consent to place cookies, for example, so a full screen cookie notice merely informing you that they’re placing certain permissible cookies may not be illegal. However, most full screen cookie popups I’ve seen are particularly devious, and some even start placing cookies before you get the chance to opt out.
@Kidplayer_666 it does? specifically says withdrawal of consent must be as easy as giving it. just not properly enforced.
GDPR has either up to € or %.
The fines in the DSA are enormous: up to 6% of WORLDWIDE turnover.
I can only hope a similar law passes elsewhere or devices that comply with them are easily importable.
There’s some good stuff in there and it’s easy to cheer for some big new regulatory burdens being put on Google and Facebook, but it’s slightly chilling to think what it’d be like if they eventually try to apply it to the fediverse. It sets up teams of what it calls “trusted flaggers” for example, whose job it will be to scour the net for anything they believe to be “illegal content” and order it removed. I imagine they’d start with places like c/piracy, but once such a vast apparatus for net censorship is set up who knows where else it might start looking. They’ll use it to go after sellers of “counterfeit” goods as well. Imagine your instance admins being forced to go through some kind of appeals process to take down posts they don’t like, but being required to instantly take down posts the government doesn’t like.
I don’t know, it’s pretty complicated but there are some reasons to be slightly worried about it I guess.
