I never consent to give my data away or being tracked, but how do you deal with so called legitimate interest? I tried several times to untick them but it is a long list (in fact at the bottom there is a “vendors” link with even longer, much longer list. It took me 10 minutes to get to the bottom of it once).
My questions:
-how can we trust these so called legitimate interests when they are self defined by companies whose business model relies on your data?
-how can we find out what these legitimate interests are and what data it collects?
-are such companies controlled in any way?
-is this kind of consent form compliant with EU gdpr? (normally opt out is to be as easy as opt in, and there is no “refuse all” for these so called legitimate interests).
-what are your strategies against such sites tracking you? Or am I just being paranoid?
The sheer amount vendors is daunting, the Internet really turned into crap
Edit: when clicking Preferences at the bottom the content of the legitimate interested is spelled out for each vendor, so this replies one of my questions.
deleted by creator
Legitimate interest is just an out to get around tracking users.
I wouldn’t be surprised is many data trackers don’t pay attention to any of the permissions and agreements. It’s hard to validate they aren’t in compliance and it’s hard for most people to even challenge these businesses.
Even if these businesses where legally challenged they can just close the business. Then take the same software and start a new business doing the same thing. If you look at the amount of companies you information is shared with under legitimate interests it can be in the order of hundreds.
deleted by creator
This is the worst one I’ve been subjected to so far. Was on some gaming-related site, don’t remember which one
deleted by creator
deleted by creator
So the gaming site/high score connection wasn’t intended? Oh well 🤷
I wouldn’t be surprised is many data trackers don’t pay attention to any of the permissions and agreements. It’s hard to validate they aren’t in compliance and it’s hard for most people to even challenge these businesses.
organizations like la quadrature validate and challenge those businesses. Europe is relatively strict on this subject.
- It’s not gdpr compliant in the way shown here or IAB TCF uses it.
Legitimate interest is a sort failsafe which can be used to cover certain exceptions.
- the datacontrollor must have an exceptional situation, so not on a regular basis.
- the balance between personal and business interest must be considered carefully under case by case basis.
- the dataprocessor isn’t the one doing the consideration
Automating all this is kind off against all the above.
Just autowipe cookies on pageloads. Use fast rotating vpn, tunnel through tor twice, run computer in ram only, remove all storage devices.
Ez
Amateur advice. Don’t own your own device. ask your friends to look up things for you on their devices, then print them out and mail them to your PO Box. Untraceable.
But how did you pay for the PO box? Using cash, think of the fingerprints. And don’t forget about the post office spies
Solution, don’t have an address or talk to anyone ever, scavenge your own food.
Untraceable
What about the cats?
The musical or the movie?
Honestly? I wouldn’t trust either.
Legitimate interest is just bullshit.
Can I have your:
- wallet
- emails received
- telephone number
- pin code
- visa card numbers
- browser history
- home address
- dates you won’t be home
- alarm code
I too am legitimately interested in this data.
Why are you asking for their consent? You’re using their personal data on the basis of your legitimate interest.
Hey, these faceless corporations deserve your info. /s
If it won’t let me untick all but the essential cookies easily - close tab, move on.
Recently I realised that some “reject all” options still don’t reject the “legitimate” bullshit, so I now avoid those sites too (and no, I don’t trust that extensions that claim to reject all for me will actually reject all).
I’ve got better things to do with my time than scrutinise these cookie pop ups and/or go through lengthy lists individually unticking options. Fuck that noise - don’t have minimal respect for users? Then I’m definitely not providing you any of my data (the sites that make it the hardest rarely hold information you can’t easily find elsewhere)…
Your browser can block cookies.
Your browser cannot block server-side abuse of your personal data. These consent forms are not about cookies; they’re about fooling users into consenting to abuse of their personal data. Cookies are just one of many many technological measures required to carry out said human rights abuse.
I just accept all cookies. But I use Firefox Focus which deletes all cookies and browsing history every time I close it!
Have https://noyb.eu/en or https://www.eff.org/ or others never covered this ? If not it would be good to get them interested ?
And the “we play nice” respons of IAB: https://iabeurope.eu/iab-europe-tcf-and-noybs-war-on-cookie-banners/
Thank you, these were two very interesting read on the gdpr law, spirit of the law and the complexity of enforcing it (and how those data-thirsty suckers always find a way to carry on their wrongdoingds)
Do not question, just obey.
Use Firefox (or a hardened fork like Mull) with uBlock Origin and you’ll never see this BS again
I thought legitimate interest meant you were legitimately interested in giving up your data to those vendors???
Nope.
And now hand me over your wallet. You can’t deny it, I have legitimate interest.
It’s their interest, not yours.
Is that in an Android app? I also hate how there’s no refuse all button, and it can take 15 minutes to opt out from all manually. I just use Rethink DNS to block ads and trackers and hope that that’s enough.
Legitimate interests may be those that allow the functionality of the service as such (eg. technical details), all others are blocked or fed with false data to make it clear to them, where they can introduce these “legitimate interests” with Vaseline.
Legitimate interest is a way for the vendors to not need your confirmation. In general, your right to privacy is valued against the vendor’s right to operate. The most often used example is advertisement: in general, vendors are allowed to advertise, as they want to operate and sell their products. But you have a right to your data (e.g. mail adress, home adress, interests…). So courts have to value what is more important. Another example that most people would agree is that clubs want to show what happens in the club, so they publish pictures from their activities (interest of club to show they are active vs personal right to your image). As not every case goes to court, most vendors see their interest as more important and interpret “legitimate” interest rather loosely. So in general, the idea of legitimate interest is compliant with the GDPR, although I believe most sites use it too liberal.
They’re legitimately interested in your data.
Use a script obfuscator. I’ve been using one for about a decade now and it’s extremely easy to tell when companies are doing illegal spying. Looking at YOU ebay. My full name is not GKDSLGFJDS ZKGWKDSF, you fucking assholes. Enjoy the cement shoes when the advertisers you sold “my information” to find out that it’s nothing but strings of randomly long random characters, kinda like what happened to twitter when they started lying and saying everyone who used their platform was SUPER into crypto (Yes, this was pre-Elon. All Musk did was bring the nazism of the platform to the surface. For an example of what twitter was really like you need look no further than BlueSky where you need to go out of your want to “disable nazis” because the CEO is convinced the average person wants to see hitler apologia)
