Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> can afford to hire attorneys to keep them in compliance with GPDR

Compliance with GDPR is trivial for the absolute vast majority of businesses. Here's how GitHub does it: https://github.blog/2020-12-17-no-cookie-for-you/

--- start quote ---

At GitHub, we want to protect developer privacy, and we find cookie banners quite irritating, so we decided to look for a solution. After a brief search, we found one: just don’t use any non-essential cookies. Pretty simple, really.

So, we have removed all non-essential cookies from GitHub, and visiting our website does not send any information to third-party analytics services. (And of course GitHub still does not use any cookies to display ads, or track you across other sites.)

--- end quote ---



> Compliance with GDPR is trivial for the absolute vast majority of businesses.

Nonsense.

> Here's how GitHub does it

That's nice. GitHub is a billion dollar Microsoft subsidiary with a gigantic legal team on speed dial.

What does "non-essential" mean here? Personally, I'm not willing to gamble that my interpretation of "non-essential" matches the interpretation of some random EU bureaucrat.


> Nonsense

It's absolute truth

> That's nice. GitHub is a billion dollar Microsoft subsidiary with a gigantic legal team on speed dial.

And instead of third-party tracking, selling your data to the highest bidder, and pestering you with miles-long cookie popups with hundreds of "partners", they don't do any of that.

So, how is this impossible for any other business that doesn't have those lawyers?

> What does "non-essential" mean here?

The law has been around for 7 years now. If you still ask this question and assume that you need to spend billions on lawyers to do the easy sensible thing, it only means that you don't care about answers.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: