A new HTTP spec proposes elimination of obnoxious “cookie banners”

by
Jim Salter
from Ars Technica - All content on (#5K5R6)
  • cookie-yes-consent-banner-980x490.png

    Cookieyes.com-a site devoted to providing GDPR/CCPA consent solutions-unsurprisingly has an excellent, minimally invasive cookie banner. [credit: Jim Salter ]

The European Union's General Data Protection Regulation (GDPR), passed in 2018, requires websites to ask visitors for consent prior to placing cookies. As any Internet user is now aware, this means an extra step required when visiting nearly any website for the first time-or potentially every time, if you choose not to accept cookies. A new proposed HTTP standard from None of Your Business and the Sustainable Computing Lab would allow the user to set their privacy preferences once, inside the browser itself, and have the browser communicate those preferences invisibly with any website the user visits.

Advanced Data Protection Control

The proposed standard enables two methods of automated preference delivery-one that communicates directly with the web server hosting a site being visited, and another that communicates with the website itself.

When ADPC communicates directly with the web server, it does so via HTTP headers-a Link header pointing to a JSON file on the server and the ADPC header emitted by the user's browser. When communicating with the website itself, the mechanism is via JavaScript- configuration is passed as an object to the DOM interface, e.g., navigator.dataProtectionControl.request(...).

Read 12 remaining paragraphs | Comments

index?i=6Tghi8tqroQ:vYFT5f4aK_Q:V_sGLiPB index?i=6Tghi8tqroQ:vYFT5f4aK_Q:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments