GDPR: Successfully turning privacy problems into security problems.

Ugh – GDPR. From a legal perspective, GDPR was designed to give users control over their data. From a practical perspective, GDPR is the reason you had to click “Accept Cookies?” 12 times today without really knowing what cookies even are (and I’m sure you read all 12 privacy policies before clicking “Accept”, right?)

“The road to hell is paved with good intentions…”

I shouldn’t be so annoyed by these pesky little popups. But tonight I find myself searching for a chrome extension that can just auto-click-yes on all of them. The popups are not useful to me.

Turns out “there’s an app for that” called I don’t care about cookies. Looks like what I want, except…

Do I want to install an app that has ability to read all pages I go to and clicks “Accept”? This may seem like a circular question – am I worried about privacy to an app that’s going to help me ignore my privacy? But that isn’t the real issue. The real issue is that to fix GDPR’s UX problem requires me to turn a privacy problem (cookies) into a security problem: can I install this extremely powerful app at all? What if it’s malicious? Or what if it gets updated to do something malicious? Grrr…

Unfortunately I couldn’t find the open source for “I don’t care about cookies”, so my search continued. This time I found another app called “Consent Manager“. This one seems to take the opposite approach – attempting to decline automatically, but I also can’t find the open source. Foiled again. At this point, I’m out of time so I will give up.

Conclusion: I hope Google Chrome implements a checkbox on install that will enable users to “auto accept all cookie policies” or “auto reject all cookie policies”. If Google give you the choice, I’d say that falls within “do no evil”. Irony!