Ask HN: How to Get Around GDPR?
I want to avoid compliance as much as I can. What are the ways I can comply with letter but not the spirit of it? I am most interested in ways to refuse service to people who do not accept but others corners I can cut as well.
20 comments
[ 3.5 ms ] story [ 55.6 ms ] threadAnyway this doesn't answer the question.
2. Unless you want to follow people across multiple sessions and multiple websites, you don't actually need any PI to make deductions for your client's behavior.
3. You can actually just don't track people who don't want to be tracked and optimize your service for those who want to be tracked.
And a question from me: what would you think of a restaurant owner who publicly asks how they can serve people the lowest quality vegetables that the law allows?
2. No just my own cookies but there are separate non-essential ones that I do 1st party.
3. Why would I want to do that when I get better with all customers tracked?
This is a bad analogy, I am not seeking to sell people's data or send targeted ads. Literally 100% to improve customer experience and sales.
The answer is simple. Don't allow access to anyone unless they provide you with the tracking info you want.
Personally, I refuse to access sites which require me to provide them with information I don't wish to provide.
Please do post your site name, so I (even though I'm not in the EU) can make sure never to go there.
Good luck!
2. I'm 90% sure that you can drop those cookies and keep log of their actions serverside.
3. Because you are denying agency to those people who don't want to be tracked. If your customers don't think that you respect them and their choices, they will say "f*ck you" and move to the business next door. People are social creatures and we often do irrational things to reassure ourselves that we are respected by those we deal with.
On the other hand, if you are smart, you can diferentiate on the fact that it is your own tracking. A sample cookie banner is:
This website does not share your data!
We don't use third party trackers and we will never share your data with anyone.
We use cookies only to make the service better and we promise never to use them for anything else.
Button: Yes, I agree to cookies as far as all of it stays between us.
Button: Thanks, I've really considered it and I'll skip on the cookies this time.
First, this is not the usual cookie banner and it will be interesting. Second, it shows that it is a personal relationship between you and the customer. Most people deny cookies because it is like letting someone follow you all around the town taking pictures of everything you do, say or buy. Third, you clearly make a promise to maintain this way of work in the future. Of course, some people will deny the request, but they will have one less reason to do so and it is very likely that they might change their minds.
Finally, you can always think for a better analogy, but think of the essence of it: a business owner asks publicly how to circumvent the law in order to mislead their customers to the nature of the service they are providing.
Just don't do business here, we couldn't care less.
Also you did not help with the question or point at answers.
https://www.facebook.com/business/gdpr
https://www.nytimes.com/2019/01/21/technology/google-europe-...
https://wptavern.com/german-court-fines-website-owner-for-vi...
You're giving away data to whoever your analytics provider is, that's not much better.
> I have to let the site function for people who reject my analytics cookies
Yes, because people should have the right to buy your service/product without having third-parties stalking them.
If you're that vehemently against complying with the GDPR, then block visitors from the EU.
And, as someone said please post the URL to your site. I'd like to avoid it. Not that I'd ever stumble across it by accident, but stranger things have happened ...