Hacker News new | past | comments | ask | show | jobs | submit login

This is a hard problem still. AFAIK, it's still not really well understood what constitutes lack of compliance. I've worked at a few companies where we just work with a legal team to get an okay.



There's the risk of getting small details incorrect while making a good faith effort of complying.

And then there's what those platforms do, use every dark pattern possible to get the user to perform an action that they can interpret as consent.


I think the whole "legitimate interest" checkboxes that you can object to are the best example.

Like, if you have a legitimate interest (you need my address to do deliveries to me), then you don't need consent.

But clearly there's no legitimate interest in this case, it's just a dark pattern to get more data.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: