Explain Like I'm Five

14220 readers

4 users here now

Simplifying Complexity, One Answer at a Time!

Rules

Be respectful and inclusive.
No harassment, hate speech, or trolling.
Engage in constructive discussions.
Share relevant content.
Follow guidelines and moderators' instructions.
Use appropriate language and tone.
Report violations.
Foster a continuous learning environment.

founded 1 year ago

MODERATORS

[email protected]

ELI5: Legitimate-interest cookies (kbin.social)

submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]

24 comments fedilink hide all child comments

So almost every GDPR cookie consent banner out there has a section for "legitimate interest" cookies that they can leave on by default and you will inadvertently accept even if you choose "Reject all" unless you go to the detailed settings and disabled those too.
Some of them have dozens of legitimate-interest cookies.
I read some articles about what they are and why it is allowed to keep them on by default, but they were very vague. So can someone explain it to me like I am five?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 5 points 1 year ago

The rule itself is not a loophole.

To use legitimate interest as a reason to process data you need you be able to argue that you do actually have a good reason to do so and that the user would expect you to process it.

For example, I think that websites have a legitimate interest in anonymously tracking your browser behaviour to analyse performance data and errors so that they can improve their app.

The loophole is that advertisers use it to process way too much data (when they are pretty much the reason for the bloody law in the first place) and that nothing is done about it.