return to table of content

Meta now lets EU users unlink their Facebook, Messenger and Instagram accounts

AlexandrB
105 replies
1d1h

It's constantly frustrating to read about European users getting cool new features to help manage their digital life that the rest of the world doesn't get. The expected cost in lost ad revenue per user must be pretty significant to justify the complexity of keeping this stuff limited to Europe.

miohtama
58 replies
1d1h

There are also downside for European regulations. There is no free lunch and some toll needs to be paid.

Some examples include

- Banning encrypted messaging (almost passed)

- Cookie pop ups

- Various regulations harming open source (discussed before on HN)

Also due to how Europe is wired up, the cost of doing startup business is higher, why there are fewer and fewer successful European software growth companies.

ko27
22 replies
23h41m

Your examples are terrible, which probably proves the point that EU users are getting more than they are losing. Btw Europe != EU.

Banning encrypted messaging (almost passed)

It's a positive thing that it was brought up and struck down. EU is the actually the one you should be thanking because most European countries would ban it.

Cookie pop ups

Malicious compliance by websites, but at least users have a choice of opting out of tracking. Again, a positive thing.

Various regulations harming open source (discussed before on HN)

The most recent changes are so watered down that it basically only applies to commercial open source companies that are turning a profit. It's helping users more than it's harming the open source community.

whywhywhywhy
16 replies
23h32m

Malicious compliance by websites

If the legislation had been written correctly then the current nightmare wouldn’t exist.

Should have been a browser level setting the sites are forced to comply with. The pop-up per site with free rein how obtuse it can work was always gonna suck. Pure incompetence from the politicians involved.

imiric
8 replies
23h21m

This is always brought up when EU cookie regulations are discussed. If only the EU consulted HN readers...

It's true, though. The technical language could've been written in a way that makes it more difficult for websites to circumvent, and less annoying for users. Or the regulation could've been amended to clarify and improve the technical aspects.

That said, getting to a regulation at all was probably a bigger nightmare, with Big Tech lobbying against it every step of the way. So I'm glad that we even have the current GDPR, and that the EU is still leading the way in privacy regulations globally.

varispeed
4 replies
22h43m

The cookie regulation was designed to train people to "Agree" without reading.

It was a prerequisite step for GDPR that was designed to legalise data collection and trading.

Before GDPR it was a gray area, now companies can easily get consent as users mindlessly click "Agree" to data processing and selling and they have a legal basis to do so.

These are corrupt laws, but most people blindly believe EU is good and totally not in bed with big corporations.

akie
2 replies
10h33m

You have clearly not seen the amount of people who click "deny all" or "only statistics". Before the GDPR _everyone_ had to accept _everything_ a website sent their way and didn't have a say in it, after the GDPR only 33% of people click "accept all" on the cookie banner for the fairly large e-commerce site I work at.

If the goal of the GDPR was to train people to click "Agree" and to legalise data collection, then that law was an abject failure.

varispeed
1 replies
6h18m

How do you know that only 33% click accept all if you are not meant to track those who deny?

That said 33% of consent, legal to be sold is better than 100% of gray area.

Before GDPR you didn't have explicit consent and you still could be on the hook for trading personal data.

The system is working as intended.

sofixa
0 replies
5h6m

How do you know that only 33% click accept all if you are not meant to track those who deny?

Without tracking it's easy to:

a) compare the total number of visitors vs those who accepted tracking

b) just increase a counter for each "No"

imiric
0 replies
22h20m

The cookie regulation was designed to train people to "Agree" without reading.

That's a cynical take. In reality, companies took advantage of the loose technical language to do the least possible work to comply with the law, while doing their best to implement dark patterns to confuse the user into clicking "Agree". This is something that can be improved with stricter regulation, but it will always be a cat and mouse game.

It was a prerequisite step for GDPR that was designed to legalise data collection and trading.

Another cynical, and also false, take. The GDPR wasn't "designed" for that. In fact, it actively tries to prevent it. An EU citizen can contact any company in the EU and demand to access all their personal data, or for it to be deleted. This is an unequivocal win for people to regain control over their personal information.

Is this the best that governments can do? Certainly not. I'm still glad that at least something exists, and the tech industry is not entirely unregulated, as in most other parts of the world.

These are corrupt laws

No. These laws are a step in the right direction. Unfortunately, the strong influence and rapid pace of development of the tech industry means that governments will always play catch up, even when they want to pass laws that protect their citizens.

most people blindly believe EU is good and totally not in bed with big corporations.

Citation needed. Name me a government that is not in bed with Big <industry>. Big Tech in particular is in strong symbiosis with governments, as they both share some common goals. So, sure, there's that. And yet despite of it, the EU still passes laws that fight Big Tech's reach, and fines companies when they don't comply. Can it do better? Sure. But name me a government on Earth that does a better job at this than the EU.

We don't need to get political here. But it's foolish to spew cynical takes when some governments are at least trying to fight Big Tech, and even more foolish to imply that their attempts are making things worse for its citizens.

rakoo
2 replies
19h23m

and less annoying for users.

You seem to be inverting cause and consequence: it's the websites who are annoying to the users, not the law. The banner is optional, it only exists because websites want to collect your private data, not even to make the thing work.

Or the regulation could've been amended to clarify and improve the technical aspects.

The regulation has been clarified to mean something important: refusal must be as easy, visible and doable as acceptance, so people can click "refuse" everywhere. Lack of acceptance mean refusal, so people can close the banner.

imiric
1 replies
18h13m

You seem to be inverting cause and consequence: it's the websites who are annoying to the users, not the law.

No, I mean that the law could've been written in a way that makes giving consent less cumbersome for users. I agree with GP: if it had been a browser setting that websites _must_ comply with, like the abused and now dead DoNotTrack header, then we wouldn't have ended up with annoying consent forms to begin with. After all, it does make sense for this to be a global user preference, rather than something the user needs to consent to on each site. Even without getting into technical details, this should be evident to anyone.

I'm not aware of why this didn't happen, or why the DNT header was killed, but it wouldn't surprise me if the (ad)tech industry strongly lobbied against it, and won. The internet loves to criticize this oversight as incompetence from politicians, but politicians couldn't have elaborated the technical aspects of the law without IT consultants, and these surely understood what could be the implications. The fact they went with the consent form approach, and the fact this hasn't been rectified years later, is probably a sign that the tech industry still has considerable sway in regulatory matters.

But to blame this situation on the law itself, or the EU, is just delusional. I'm still happy it exists, warts and all.

rakoo
0 replies
9h16m

But nothing prevents browsers from doing so ! In fact you can even configure your browser to never show those popups, and everything is fine. Everytime I switch people over to Firefox I install ublock origin and the list that blocks cookie popups: https://jasonmurray.org/posts/2020/cookies/ (there are even more settings to block even more popups today)

Actually Google is seeing the wind turn and is slowly moving away from cookies, so it did even better than what you wanted: it will effectively kill (unnecessary) cookies as a whole.

I have no issue believing lawmakers did in fact take advices from IT experts, seeing how they could make the difference between useful and unuseful cookies. But the law never goes into implementation details, that's another level of regulation, and the real effect is coming: the major browser will block third-party cookies. That will change everything.

phatfish
3 replies
19h20m

It works fine now, many sites i visit have a "Deny All" button which was how it was supposed to work. Initially, (inevitably) private corporations found a way to subvert the spirit of the law to their benefit.

Getting the legalise of legislation right first time is almost impossible when there is an army of lawyers, paid by corporations, whose job it is to unpick it.

klabb3
2 replies
18h30m

It works fine now […] many sites i visit have a "Deny All" button

That’s not fine. It’s anti-thetical to the very idea of the web. Accepting this shit as a compromise is exactly what we did with adblockers and that battle is still ongoing, and not solved. Whenever the greasy finger of corporations end up inside our browsers, whether it’s fingerprinting or meaningless consent screens, or tracking cookies/pixels/scripts, things are not dandy, imo. I don’t have a solution. Just saying.

jocoda
1 replies
11h5m

"... anti-thetical to to the very idea of the web"

I'm genuinely curious and not trying to pick a fight here. The core idea behind html when it was first conceived was that it allowed you as the viewer to present that info in any way that you chose. You can change the font, etc to suit your own preferences.

This idea got killed by content providers who mostly want to hardwire their content layout because they know better. So where is this "idea of the web" coming from. Surely there's no longer a central core idea, it's just what each of us make of it, and as a result we're often in conflict about how things go.

Did choice get formally taken away? Does the content provider get to choose how it's done now?

klabb3
0 replies
3h42m

So where is this "idea of the web" coming from. Surely there's no longer a central core idea

Like with “democracy”, it is not possible to create a comprehensive formal definition that embodies the full spirit of the idea. Without getting too philosophical, the web is client-server based where the provider controls the server, and the user controls the client. There are fierce battles being fought on both fronts:

- Providers are being lured by ad tech giving you a free (as in beer) space in exchange for relinquishing any control of the server. An example would be YouTube where you get free hosting if you comply with opaque community guidelines and strike systems. Limiting linking to other “platforms” aka websites is another example. A more subtle example would be cloud infrastructure where switching provider is designed to be prohibitive.

- Users are under attack based on their IP geo, VPN usage, extensions (ad-blockers primarily), fingerprinting, UA sniffing, JS obfuscation, video DRM etc. The most egregious example is to force users to download an app (a client that the provider controls fully). Captchas is a more subtle example.

Note that there are real hard problems with a healthy web, notably DOS protection, which needs some level of client fingerprinting (like IP rate limiting).

However, large businesses – many of whose success is built entirely on top of the web – are actively eroding it for banal selfish reasons. Much like how democracy can be leveraged by those who don’t believe in it in order to gain traction, only to later be dismantled to maintain power and control.

troupo
0 replies
20h19m

If the legislation had been written correctly then the current nightmare wouldn’t exist.

It was written correctly. Because it's a General Data Protection Regulation. It applies in equal measure to websites, apps, paper records, SaaS, shops, government entities etc.

And it says: "do not get more data than is required for your business. If you want more data, the user must give consent, where opting out is the default, and must be as easy as opting in".

Now, what exactly is badly written in the law? You can start with quoting exactly where it requires existing cookie popups.

For example, GitHub found out they need exactly none: https://github.blog/2020-12-17-no-cookie-for-you/

Should have been a browser level setting the sites are forced to comply with.

It's called the Do Not Track header, and at one point Safari removed it because the companies you think are blameless used it to track users

palata
0 replies
18h23m

If the legislation had been written correctly then the current nightmare wouldn’t exist.

Legislation is not a technical spec. It's made purposely to be interpreted. And companies are made to optimize their profit given the constraints set by the law. Sometimes companies have to bet that if they do X, they won't get a fine, and decide if they want to take that risk.

Companies can even bet that the fine will be smaller than the profit, which is often the case. And that, IMHO, is the problem: we (I mean our governments) should be much, much more aggressive with the fines. BigTech can basically do anything they want because the fines are always ridiculous (because BigTech are too big, sure).

CaptainZapp
0 replies
9h18m

Well, if this scum, which is adware companies, would have respected the Do-Not-Track flag set in the browser this wouldn't have been necessary.

Now, would it?

pronik
2 replies
21h37m

> Banning encrypted messaging (almost passed)

It's a positive thing that it was brought up and struck down.

You see, the thing about european legislation is that certain stuff, especially stuff people oppose, is proposed over and over again until it passes. It costs almost nothing to re-propose things like killing net neutrality or banning end-to-end encryption, but it's very costly to oppose them. Which the politicians and lobbyists know and use to their advantage.

jonkoops
0 replies
20h45m

Well at least people's voices are being heard, not something I can say for every country, federation, or union.

Vinnl
0 replies
19h52m

That does not sound particularly specific to the EU to me?

varispeed
1 replies
22h47m

It's a positive thing that it was brought up

No it's not. People should be fired for proposing such things as they breach human rights.

It's like being happy that someone proposed genocide of all men over 60 to save on pensions and that the idea didn't pass.

aqfamnzc
0 replies
20h59m

Perhaps GP meant that the end result is a net good, since now it's in the books that it was positively, explicitly struck down? (Rather than being ambiguous or assumed, with no records etc.)

Anyway, reading sibling comments it seems like it's not that simple either way.

airstrike
17 replies
1d

Cookie popups are a net positive because users are given a choice. Besides, in the US we often still get the popups but they're just useless, with the only option being "accept"

alwayslikethis
15 replies
1d

Unpopular opinion: the proper place to controll cookies is from the browser, not from the website. Browsers should show a prominent way to disable or otherwise restrict persistent storage to websites to inhibit tracking.

ulucs
6 replies
1d

DNT exists, and the cookie banners did not need to be regulated into existence if the websites did not strategically ignore the DNT header.

whatshisface
3 replies
23h58m

Why not regulate the DNT header into expressing the user's cookie banner preferences?

progval
1 replies
23h47m

GDPR does not specify what technology to use to acquire consent [1], as long as the user consent. Trackers could honor the DNT header if they wanted to, and show the banner as a fallback for browsers not sending the header.

[1] You can read the text: https://eur-lex.europa.eu/eli/reg/2016/679/oj there is a single instance of "cookie" (in the preamble) and no instance of "banner".

Aloisius
0 replies
22h48m

> Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement. This could include ticking a box when visiting an internet website, choosing technical settings for information society services or another statement or conduct which clearly indicates in this context the data subject's acceptance of the proposed processing of his or her personal data. Silence, pre-ticked boxes or inactivity should not therefore constitute consent.

While DNT could potentially be used for opt-out, it wouldn't comply for opt-in because it is not specific or informed as the user does not know what specific data processing activities will be done, can't opt-in or out of specific data processing activities, doesn't know the identity of those doing them or that they can withdraw consent at any time.

shortsunblack
0 replies
21h3m

DNT specification does not allow for giving valid consent under GDPR because it is not granular and it is not informed. There's no browser dialogue that details the requested consent for which and what processing.

There are proposed browser signal specifications that would meet legal GDPR consent defintions. See https://www.dataprotectioncontrol.org/spec/

And as for why DNT did not took off, it's because MSFT sabotaged it by making DNT set by default in Internet Explorer. The social contract in that time between adtech, publishers and users was that the signal would strictly be opt-in. The adtech industry used IE making DNT the default as justification for not honoring any of the signals being sent by browsers. It doesn't take a lot of reasoning to realize MSFT did this on purpose, knowing it itself earns income from ads.

petre
1 replies
23h40m

I've checked and sadly it's listed as deprecated on MDN. I don't know if there's anything to replace it.

latexr
0 replies
23h29m

But it was deprecated precisely because websites either ignored it or used it as yet another signal to identify users (thus making it have the opposite effect to what was intended).

tgv
1 replies
23h54m

Tell that to the Chrome team.

summerlight
0 replies
22h58m

https://assets.publishing.service.gov.uk/media/62052c52e90e0...

You probably want to tell that to CMA first.

xigoi
0 replies
1d

The problem is that you can’t tell if the site actually needs the cookies to work properly. And it does not help against other kinds of tracking.

weberer
0 replies
20h23m

I use uMatrix for that. I have it set to block all cross-domain cookies by default.

shortsunblack
0 replies
21h7m

Neither GDPR nor ePrivacy directive demands cookie walls. ePrivacy directive demands consent. That consent can be given programmatically by browser APIs. There's even acknowledgement of such possibillity in the legal text (see point 7 in the directive). GDPR itself does not demand cookie banners, either. It merely demands there to be a legal basis for processing of data that constitutes personal data. One of those bases is consent. It's not the only basis. Other notable basis includes contractual necessity (includes all the cookies that are necessary for user experience, i.e sth like PHP placed session cookie).

Browsers do not have automated means to give consent/not give consent under ePrivacy because the largest browser is ran by an ad company. Monetarily speaking, the ad company earns more if it coerces its users with dark patterns into giving consent under ePrivacy than it does offering pro-user choice technologies to give a blanket not consent.

And ePrivacy itself is not just about cookies. EDPB recently released binding recommendations that severely expanded the perceived scope of ePrivacy (the true scope was always as it is, the adtech industry just ignored it). ePrivacy includes JavaScript side tracking, fingerprinting with various APIs and so on. It's not just cookies.

miohtama
0 replies
19h41m

Your opinion should be more popular. Seems like even a lot of technically savvy readers on HN miss this.

Xelbair
0 replies
7h45m

It was done, and turns out that piece of info was just used as an additional data point for tracking.

EasyMark
0 replies
17h59m

I mean there are extensions like "consent-o-matic" that auto answer for you, but the law doesn't require any functions like that in a browser. I suppose it was a compromise between business interests and consumer advocates when they worked out the law for the EU?

mderazon
0 replies
20h37m

I don't know. The web is pretty unbearable here in the EU due to the cookies consent.

Even more, many times I find myself wondering why a site is not responsive to my clicks just to find out there's some hidden cookie consent that didn't fire up properly and now I have to inspect the DOM to remove it manually.

gherkinnn
4 replies
1d

Obtrusive cookie banners are somewhere between malicious compliance or a sign of shady business practices. Now that I see it spelt out like this, they are always a sign of scumbag companies.

shp0ngle
3 replies
1d

They are present even literally on the pages of the EU organs that proposed them.

Go to European Commision page - bam, cookie banner.

troupo
2 replies
20h12m

Compare a clear "allow cookies/allow only essential" to the industry standard wall of "we care about your privacy, so we sell your data to thousands of trackers that you have to opt out of manually"

Though yes, government services shouldn't use anything but essential cookies (for which you don't need a cookie popup)

shp0ngle
1 replies
19h14m

That's switching goalposts.

You said only scammy businesses have cookie banners... no, all websites have cookie banners now in EU, and it's majorly annoying, unless you use extensions that click it for you.

(The most popular one is owned by Avast. Which is a horrible company that sells users data. So... yay?)

troupo
0 replies
11h55m

You said only scammy businesses have cookie banners

I didn't

all websites have cookie banners now in EU

All the sites that collect more data than strictly necessary, yes.

Here's an example of a website that spent need a cookie banner: https://github.blog/2020-12-17-no-cookie-for-you/

The most popular one is owned by Avast. Which is a horrible company that sells users data

Indeed. This should tell you all you need to know about these cookie popups and companies that use Avast's, or IAB's or Admiral's cookie popups.

akie
2 replies
1d

Also due to how Europe is wired up, the cost of doing startup business is higher, why there are fewer and fewer successful European software growth companies.

I really believe the primary reason is that Europe is not one culturally homogeneous area that speaks one language - like the US. Having that is such a huge benefit.

Doing marketing, promo, getting traction, legal documents, taxes, - anything - for your startup in your ONE country is already difficult. Now imagine doing it in 25 countries before you get to have scale benefits equal to the US or China.

dataking
0 replies
13h46m

I really believe the primary reason is that Europe is not one culturally homogeneous area that speaks one language

There are likely several reasons at play, culture being a big one. However, there are other reasons at play such as differences in law, financing, immigration, the job market. Bert Huber, an entrepreneur in the EU has given this some thought:

https://berthub.eu/articles/posts/is-europe-just-not-good-at...

berkes
0 replies
20h58m

Exactly. We are building a platform that helps founders generate a sales strategy in the EU. We're half a year in and almost tackled "how to write good emails to Dutch prospects". Next up is Flemish, which has the same language, but a very different business culture. With luck, we have then captured a few percent of the EU tech market.

Germany is so different, that we'll need to hire several experts for the different regions in Germany. France too. Italy and Spain, unattainable (we are told) without at least a local branch and solid local staff. That's still only a portion of the EU.

"Cookie banners" are not the reason tech is hard in Europe. If you believe that, you really don't know anything about Europe or the EU.

flohofwoe
1 replies
1d

The cookie banner isn't required if the web page isn't doing shady things with cookies though.

poszlem
0 replies
23h51m

"shady things"

troupo
0 replies
20h16m

fewer and fewer successful European software growth companies.

It's funny how you slipped in "growth companies" in there.

How about... profitable companies? In the past 10-15 years most "successful" US companies have been fueled by unlimited investor money with zero expectations of profits. I mean, look at YC's "top startups list". They lose billions of dollars every year. But sure, they grow. Like cancer

tester756
0 replies
21h25m

- Cookie pop ups

Websites do not have to show cookie pop ups if they are using only technical cookies like auth tokens.

sofixa
0 replies
1d

Various regulations harming open source (discussed before on HN)

But coming from a good idea - make vendors responsible for the software they put out, to prevent tons of abusive practices like shutting of cloud services making paperweights, or never updating massively holed software harder. The ramifications for open source were then realised, and the legislation which is still under planning/review has been drastically updated to make it more applicable for open source software.

Banning encrypted messaging (almost passed)

But didn't?

Also due to how Europe is wired up, the cost of doing startup business is higher, why there are fewer and fewer successful European software growth companies.

Which has little to do with regulations, much more to do with the size and wealth of the potential markets.

why there are fewer and fewer successful European software growth companies

Is that bad though? Are software "growth" companies a requirement for something? There are tons of successful software companies in various European countries, just not at the level of their American counterparts. Again, with quote obvious reasoning - there are 4x the people in the US compared to France (which is top 2 by population in the EU), and Americans both earn and spend more in USD not adjusted for anything.

mderazon
0 replies
20h42m

Also lately, getting the newest LLMs features much later than the rest of the world, or not getting them at all

camillomiller
0 replies
10h51m

Or, there are fewer overinflated unicorns that produce no societal value at all and exist solely as a marketing-fueled VC bet that will make a limited amount of people ultrarich relatively fast while the rest of us shoulders the social, economic, and financial burden of their efforts. Potato, potato.

TheCoreh
0 replies
22h53m

What's frustrating is that we get the annoying things like the cookie popups everywhere but the beneficial stuff is somehow properly region locked to inside the EU?

EasyMark
0 replies
18h3m

I've always been curious if you offer a service for profit, but don't want to adhere to EU laws (obviously just avoiding EU customers at all). Is it enough to block EU country IP addresses so that Interpol doesn't get the Feds to kick in your door and turn you over to them for prosecution or freeze all your bank accounts for not sticking to the many Internet laws that you might not be familiar with? Is anyone aware of how to deal with fire walling off countries where you don't want to deal with the legalese?

cnity
19 replies
1d1h

FWIW, we also get non-stop cookie permission banners and often just straight-up denied access to certain services that don't want to have to jump through the hoops.

blackbeans
15 replies
1d1h

If you don't want to deal with cookie banners, there are browser extensions you can install to automatically accept them. However, although the cookie banners are sometimes a nuisance, it is still a good thing that people are informed and given the option to accept it or not.

stavros
11 replies
1d1h

I agree in general, but when I see a dialog box titled "We respect your privacy" and a choice between "allow all" or "see more", I donate 0.10 € to NOYB.

vdaea
9 replies
1d1h

If anything, every time I have to click through one of those banners I wish that activist organisations/politicians had to pay me for having to go through it.

stavros
7 replies
1d1h

You can get an extension that will automatically click "allow all" and everything will be exactly as it was before this directive.

Filligree
5 replies
1d

I want one that automatically rejects all.

alwayslikethis
2 replies
1d

You can disable cookies in browsers so that cookies do not persist after session close. Firefox lets you add a whitelist of sites to allow cookies, too.

vdaea
0 replies
1d

Cookie banners will still appear.

probably_wrong
0 replies
23h59m

If I understand the law correctly, your suggestion is good on practice but could be harmful on the long run.

When I click "I agree" I am not agreeing to cookies but rather to tracking. If the website wants to track me with (say) browser fingerprinting, deleting the cookies will not stop them from tracking me across sessions. Even worse: since I agreed they no longer need to show me a warning, so I may not even notice that I may want to revoke that consent.

If I don't want to be tracked, saying "I do not consent" is the only legally-actionable way. Deleting cookies works now because cookies are still cost-effective, but this won't remain true forever.

stavros
1 replies
1d
latexr
0 replies
23h18m

Emphasis mine:

In most cases, the add-on just blocks or hides cookie related pop-ups. When it's needed for the website to work properly, it will automatically accept the cookie policy for you (sometimes it will accept all and sometimes only necessary cookie categories, depending on what's easier to do).
vdaea
0 replies
1d1h

I wish that was true, but those extensions are far from flawless. Still, they are a massive improvement over having to click away all banners, especially for those of us who have our browsers set to clear cookies when quitting the browser.

Yujf
0 replies
1d1h

It is not the activists fault that the company wants to track you. They do not have to show you that stuff if they don't so unnecessary tracking

latexr
0 replies
23h23m

when I see a dialog box titled "We respect your privacy" and a choice between "allow all" or "see more"

It’s usually “we value your privacy”, which always makes me think “you put a value on it, alright, can’t wait to take it away”.

switch007
0 replies
1d1h

Those extensions are far from perfect in my experience (ditto the lists in uBlock Origin)

Often leave you wondering why you can’t click anything on the page

pgeorgi
0 replies
1d

https://consentomatic.au.dk/ also allows to reject them automatically.

latexr
0 replies
23h20m

If anything, there should be extensions to automatically reject them. It’s a testament to how draconian the process to do it usually is that the extensions just surrender. Every time an extension or person accepts those, they’re reinforcing those companies’ choice to break the law¹ in the name or profit.

¹ The GDPR is clear that rejecting must be as simple as accepting.

patrickmcnamara
1 replies
1d1h

The only things I've been denied as an EU citizen on the web so far have been US local news websites. And tbh I assume that is just one company that has a blanken policy of sorts. So I don't think "often" is accurate here.

whatshisface
0 replies
23h56m

That's just the secret program to get Europeans to stop making fun of us.

zht
0 replies
1d1h

that's propagated to the rest of the world lol

coldpie
18 replies
1d1h

We could have these regulations in the US, too, if we voted for them.

carlosjobim
12 replies
1d

European citizens didn't vote for those regulations.

makeitdouble
8 replies
22h34m

To a larger point, european citizens are largely favorable to those regulations, which makes passing these rules possible, and not a political suicide.

HN might not be representative, but the number of comments we see defending companies's right to make as much money as they can and against regulation that would add costs to businesses is IMHO pretty high. If that's the general US sentiment, politicians the have little upside in putting burdens on tech companies in the first place.

carlosjobim
7 replies
22h2m

European citizens are largely ignorant of EU regulations, EU politics and EU spending. Most European citizens do not know the name of the EU president. But Europeans will categorically support and agree with EU policy and laws.

As for cookie laws, can we honestly say that they have done anything to protect people from corporate spying and abuse of private information? Real regulation would be to outlaw that kind of spying, not putting up annoying banners so that some web developer can feel good about themselves.

yau8edq12i
4 replies
21h32m

European citizens are largely ignorant of EU regulations, EU politics and EU spending. Most European citizens do not know the name of the EU president.

Very bold claim. Do you have any sources to back it up? EU politics are in the news all the time here.

carlosjobim
3 replies
21h25m

Go ask a European. Who are the three EU presidents? Who were the EU presidents before them? Then ask them who is the current US president? And which presidents were before him? Which are the two top candidates in the 2024 election?

yau8edq12i
1 replies
5h14m

In case it wasn't clear from my comment: I'm European...

carlosjobim
0 replies
4h12m

That is my point: You can ask anybody on the streets.

troupo
0 replies
20h9m

Because the person doesn't matter. Policies matter. And Europeans largely prefer privacy-protecting regulations

makeitdouble
0 replies
16h29m

European citizens are largely ignorant of EU regulations, EU politics and EU spending.

On spendings, probably. On regulations, oh boy do people care.

Regulations have pretty direct impact on each countries' economy, and they get discussed nationally before being applied. That means meat prices rises when some practices get banned or a whole sector suddenly getting competitive when barriers to entry are lowered.

For better or worse, people care a lot, and the negative sentiments are enough to fuel may extreme side politics.

Shacklz
0 replies
18h59m

Most European citizens do not know the name of the EU president.

Probably a bit controversial but to some degree, that is a good thing. It prevents personality cult and allows to pursue agendas that think in longer terms.

In Switzerland, quite a big part of the population could probably not name the current seven members of the federal council - they can actually get work done, without having to appease the public at every corner.

drooopy
2 replies
1d

European Citizens voted for the people who voted for those regulations.

tgv
0 replies
23h48m

And we have input via our governments, and the national parliaments have a say in the procedures: a group of 1/3 of all national parliaments can send proposals back.

carlosjobim
0 replies
23h46m

Yes, and so do American citizens. Whether you agree or disagree with the regulations, they were never voted on by the people.

segasaturn
0 replies
1d1h

Both parties in the US are in the tank with big tech (see: NY Dems killing right to repair)

int_19h
0 replies
23h21m

We don't vote for regulations, we vote for politicians. Who are a package deal, so in practice you're voting on several dozen different issues at once, and you inevitably have to prioritize. I don't think you'll find significant opposition to many of these laws in US, it's just that it's never going to be that one thing that drives people to vote for or against some candidate or party.

Levitz
0 replies
1d1h

My experience is that stuff like this gets framed as "pro consumer" in Europe and "anti corporation" in the US. The difference runs deep.

JumpCrisscross
0 replies
1d1h

Or just called our electeds about it. I’ve worked on privacy issues. Past tense, because after a massive effort like two people call and the bill is dropped. (Except in Oregon. Oregonians apparently call and write about privacy.)

BobaFloutist
0 replies
1d

Ok, how about this: "It's a bummer that the rest of the voting population doesn't agree with my priorities enough to enact similar privacy regulation to Europe."

greggsy
1 replies
1d

I wonder if I could just change my location in settings?

ProAm
0 replies
17h35m

Most apps like this us GPS to verify as well. A lot of gambling apps require that permission so you can't just VPN to legality.

wizzwizz4
0 replies
1d1h

It's just politics. Ask your legislators to give you the cool stuff as well.

sofixa
0 replies
1d

Thanks to the Brussels effect[1] some of it can trickle down.

https://en.wikipedia.org/wiki/Brussels_effect

makeitdouble
0 replies
22h44m

A part of this is the products being fitted to US market and only after they get traction do they hit the other countries. That means any of the wider digital management, privacy etc. are literally after thoughts, and the business model also doesn't properly fit.

With that approach I think we'll always get products that are optimized for free + ads first and foremost, as the US public reacts better to those, and once it's setup it's just so hard to pivot to paying models.

ProAm
0 replies
17h37m

If you are in the US write your local congressman. Its the only way things like this change with companies that are too big and powerful. Takes a long time to turn a big ship.

Hamuko
0 replies
1d1h

Eh, can't be that excited about anything involving the data hole that is Meta Platforms products, even if they make some EU concessions. Maybe when we get that EU-only iOS sideloading support I can finally be more smug about it.

cnity
46 replies
1d1h

This must have been a painful engineering effort that I bet absolutely consumed the backlogs of at least tens of teams. Usually business assumptions about user accounts have their tendrils deep into the architecture and services that presumably many many years of code sits on top of.

ffpip
11 replies
1d1h

presumably many many years of code sits on top of.

Not so many, since they tried to link all 3 only few years ago

https://www.theverge.com/2019/3/6/18253472/mark-zuckerberg-f...

LinAGKar
10 replies
1d1h

That may be the case for Instagram, which was developed separately and then acquired, and which still uses separate accounts that AFAIK can be created without a Facebook account, although they can be connected to one.

Messenger though has always just been the chat function on Facebook, which can nowadays also be used via a dedicated website/app if you like. It doesn't even have separate account infrastructure on the backend, unlike Instagram. Looks like they're getting around that by essentially creating a second Facebook account, with social media features disabled.

wrboyce
5 replies
1d

Many years ago when I disabled my Facebook account I noticed that Messenger continued to work, so there was definitely some level of separation.

smashed
4 replies
1d

But can you really disable a Facebook account?

TheRoque
3 replies
1d

Disabling merely means just making yourself invisible, and the Facebook profile unusable, but all the data stays there. If you delete it though, your messenger account is no more.

eastbound
2 replies
21h41m

Even for EU citizen with GDPR?

Sharlin
0 replies
20h50m

Disabling is what it says on the tin, giving you the chance to re-enable the account later. Nothing GDPR-violating with that. As long as you are also given an option to actually nuke all your PII.

RHSman2
0 replies
11h39m

Anonymize data with a restore capability. Maintains historical continuity for never ending total user awareness.

Perz1val
1 replies
1d

There has been an option to create messenger only accout (so you could do that for your grandma who would not have figured facebook anyways, but you can send her photos now)

labster
0 replies
11h44m

That’s a ridiculous use case, only grandmas are on Facebook these days.

wodenokoto
0 replies
13h55m

Messenger though has always just been the chat function on Facebook, which can nowadays also be used via a dedicated website/app if you like

I would venture to say that messenger as a separate service/app has been a thing for at least a decade now.

gmerc
0 replies
14h57m

Messenger was moved into its own product for growth reasons (and app size reasons initially), it’s been separate for a long time

stavros
6 replies
1d1h

Usually business assumptions about user accounts have their tendrils deep into the architecture

If their business assumptions are "users will never have a choice about how much we track them", they deserve what they got.

ethbr1
5 replies
1d

"They" being Meta, yes.

"They" being engineers, eh?

It's a tough sell to justify greenfield dev effort when there's a BigCorp paved road laid out for you.

avgcorrection
4 replies
1d

"They" being engineers, eh?

If you’re a volunteer Roman legionnaire don’t be surprised when you are ordered to march on Gaul.

ethbr1
3 replies
23h53m

Fair! I took the original question in the vein of "Who is to blame?"

I feel like IC latitude isn't usually sufficient to say "Do we really want to require the identity our platform is based around?"

someotherperson
1 replies
23h22m

I haven't worked for a company as large as Meta but we encounter these issues on smaller projects too: should the unique identifier for an account be their email? Or a UUID? If your business only uses SSO, should you use the [Google/Microsoft/whatever] ID as the identifier for that user on your database?

I personally wouldn't think that Facebook engineers would have had their hand forced on something like this.

ethbr1
0 replies
23h9m

Oculus engineers apparently did.

So I'd imagine the internal pressure over something closer to main products would be the same or worse.

Centralizing identity was (prior to the EU) a core moat for Facebook/Meta.

ryandrake
0 replies
23h33m

ICs (at least the people good enough to pass a Meta interview) have a choice of where they work though. I've quit a job where I had an ethical issue with what the company was doing with the code I wrote. When Company X does something naughty, the individual developers need to at least share blame with the managers making the decisions. After all, whose fingers are typing the code in and hitting submit?

XghTk
5 replies
1d1h

Those are all acquired services, so the opposite is likely: they were linked together through the number of ugly hacks.

dewey
4 replies
1d1h

That was a very long time ago though, so I could imagine that there's not much left from the original code base after it was moved onto Meta's infrastructure.

sitzkrieg
1 replies
23h13m

yea sf companies are definitely known to cleanup their hacks to go to market at any cost w a barely working thing later

dylan604
0 replies
21h17m

isn't that done naturally when they rewrite it the trendy language of the day?

chimeracoder
1 replies
1d

That was a very long time ago though, so I could imagine that there's not much left from the original code base after it was moved onto Meta's infrastructure.

They only linked them a few years ago, in anticipation of an antitrust battle. They are now unliking them because they have lost/ceded that fight.

EMIRELADERO
0 replies
23h23m

Could you elaborate on that?

jarjoura
4 replies
22h10m

The challenge isn't unlinking accounts in the database, that's just a simple copy command. The challenge is in all the metadata that is used for account A (Facebook), and account B (IG) that can no longer share any downstream metadata.

So when you have to split the two apart, it's likely a hard legal requirement that there's no way account A can know anything about account B anymore. This means, countless metrics and logs and whatever has to be thrown away. So I imagine, there's lots of auditing of systems and every single property that is stored somewhere was scrutinized in long meetings.

Less an engineering burden than a policy and legal burden.

klabb3
1 replies
18h38m

A burden that is proportional to the amount of personal data the corporation collects sounds excellent.

closeparen
0 replies
17h36m

The compliance burden is proportional to the complexity of the architecture. You could have vast quantities of highly invasive personal data written to a monolithic RDBMS, and it would be simple matter of following foreign key relationships. Or you could have a very minimal set of entities & transactions actually collected from the customer via the edge, but propagated through so many microservices, queues, logs, warehouses, pipelines, and derived tables that it's infeasible to comprehensively trace all the scraps. The latter is more typical of a consumer internet company AFAICT.

dmix
0 replies
15h9m

I have a feeling a lot of HN devs overvalue the value of old data... probably because they have adblockers and dont know what ads they are targeted for. Youtube's algorithm seems to forget my interests after a year (or less), I often have totally new feeds than I did 6 months ago. When I got back into music production and also watched some airplane crash videos my entire feed became music + "dark stories" related content bringing non-stop music gear + engineering related education sites. Almost all ads I see on my phone via Google properties are related to the current thing I care about.

Beyond biographic details which are 99% disconnected from my old individual instagram/fb data (FB can just buy some correlation between email/phone/IP from my credit card or private postage company or whatever) they probably only profile IRL off the last 1-2yrs of your browsing behaviour in most cases.

The classic privacy invading ads usecase is a woman who is pregnant suddenly getting ads for kid stuff before other people they know they are pregnant. They probably won't be getting those ads a year later. At most they are now labelled as potential mother in some macro profile, but for day-to-day targetting it's all about the current thing she's looking at online.

I'm not defending this stuff and macro details matter for privacy at the nation-state and higher level, but my general point is that it's a living machine, constantly adapting with a short timeframe of data to maximize utility, not one that cares much about what you googled a few yrs ago 99% of the time.

RHSman2
0 replies
11h36m

Going through something the same, can tell you the people process and collaboration across teams (engineering, warehouse, legal and front end/backend) is the complexity as it takes time and then all downstream events are not synching in same paradigm.

Really requires a huge effort to pull together the right people and get fast feedback loops to stop inertia.

andy_ppp
3 replies
1d

And it’s good for consumers and Facebook can afford to do it, I wish the UK was still in the EU and I would be extremely happy about unlinking Instagram from Facebook just to avoid their notifications for it that pop up on Instagram never mind the ease of spying this creates.

notahomosapien
2 replies
1d

Isn't the UK GDPR basically the same as the EU GDPR?

withinboredom
1 replies
23h50m

Different sized teeth.

davidwritesbugs
0 replies
8h52m

Same size teeth, different inclination to bite.

madsbuch
2 replies
1d1h

Could be that they have not been entirely consolidated yet as they all previously were individual products.

From a user perspective is appears like the users have been relatively loosely coupled.

mynameisvlad
0 replies
1d1h

Instagram might have been a separate product, but Messenger was just Facebook’s built in chat feature.

cnity
0 replies
1d1h

True, in which case it might be even more painful: imagine ending a year long epic to consolidate user account logic only to have to reverse it.

waynesonfire
0 replies
1d

Probably not, if it was painful they would have done it everywhere. Since now they have to maintain two configurations, linked and unlinked.

It also highlights how much revenue is tied to this bundling of service since it's probably very expensive to maintain this dual configuration.

summerlight
0 replies
23h3m

At least they have a choice to unlink accounts, which probably makes the overall DMA compliance much easier. For Google, it's just been an engineering nightmare, cross-cutting across the entire stack :D

scyzoryk_xyz
0 replies
22h44m

Sounds like a them problem not an us problem. Nothing they couldn’t afford „tens of teams”. It’s a nice moment living in the EU, knowing that common sense policies like GDPR and anti-trust can be enacted and enforced.

rodgerd
0 replies
21h32m

This must have been a painful engineering effort

It would be less painful if it were a universal option, and they didn't have to test with a bunch of geo-linked options.

mcmcmc
0 replies
1d1h

It’ll save them a good chunk of time when they eventually get split off like Baby Bells

loceng
0 replies
1d1h

I guess part of karmic consequence of "move fast and break things" motto - especially when it comes to not caring to develop or have forethought on security-safety concerns for what such a system, a digital version of The Facebook, could have on society; Harvard was planning to launch a digital version of their print version of The Facebook - and part of Mark's history he's quoted as saying, along with lying to the ConnectU twins he was hired to develop, that he didn't understand why Harvard was taking so long to get it going - that he could do it way faster; the externalized costs/harms are practically incalculable - all for that sweet sweet cheap-shallow-manipulative advertising revenue.

j45
0 replies
18h48m

Could the limited EU accessibility to this engineering feat be broadened by users identifying as living out of Europe?

amelius
0 replies
23h53m

And I bet management asked: what can be so difficult about decoupling the accounts? Just set coupling=false somewhere or something, okay?

SOLAR_FIELDS
0 replies
14h50m

Given that the people on these teams are reaping stock from the efforts of mining personal data for people over decades I have a very strong “not sorry” feeling about any sort of negative anything that employees of Meta might experience. I would even go so far as to say, fuck these people, I have no empathy for you. You decided to be a part of the problem, and sucks to suck

josephcsible
13 replies
1d1h

It annoys me every time a company makes a long-requested change, but only for EU users. Since the technical work required for it had to be done anyway, it seems to be pure malice that they don't just give it to everyone.

micromacrofoot
7 replies
1d

isn't this the "free market" that many in the US brag about?

altairTF
5 replies
1d

Kinda, but this is also how the free market dies—happens little by little. A change here, a law there that helps the people, oops, now the law makes it harder for competition to get in, and so on and so forth.

DaiPlusPlus
3 replies
23h47m

Btu a free market (which is devoid of anti-competition regulation) also makes it harder for competition to get-in. Not to mention the problems of regulatory-capture (see: Boeing and the FAA).

It's almost as if the best (or rather: least-worst) option we have lies somewhere in-between laissez faire capitalism and mandatory state-ownership of all industry...

int_19h
0 replies
23h13m

It's not a 1D spectrum. You can have laissez-faire arrangements that still preclude massive concentration of capital (and thus effectively gut capitalism) without going all in on public ownership of everything. The key thing to remember is that private property rights themselves require some kind of government to maintain by using force when necessary - i.e. the existence of private property is inherently a step away from true "laissez-faire". Thus the government doesn't need to aggressively collectivize anything to avoid concentration of capital; it just needs to refuse to protect such concentrated capital.

csallen
0 replies
23h23m

> somewhere in-between laissez faire capitalism and mandatory state-ownership of all industry >

Yes, which describes both the US and Europe. It just comes down to where to fall on that spectrum.

altairTF
0 replies
21h48m

I don't think even the most well-intentioned state have the incentives to properly allocate resources in the market. Usually, when state-owned industries fail, the taxpayer suffers, so the administration has little to no incentive to actually do good in the long run.

pgeorgi
0 replies
1d

The business models this regulation harms are the business models that aren't desired to begin with. As such, a competitor is encouraged by regulation to find another, compliant angle to deal with monetization.

And competitors that already do that get an uplift (over time, but still).

int_19h
0 replies
23h18m

Not quite. It would be a free market if people could freely move across borders. The overall arrangement that we have - where goods and services flow almost freely, but the movement of consumers and labor is restricted - is inherently abusive.

judge2020
2 replies
1d

it seems to be pure malice that they don't just give it to everyone.

Only if you consider malice ~= profit.

guerrilla
1 replies
21h23m

Why would you not? What is malice if not intentionally harming people out of greed? Is it only malice if the intention is explicitly and strictly sadistic?

LightBug1
0 replies
19h2m

Some woeful 'giving the benefit of the doubt' in some of these comments. No disrespect.

mrtksn
0 replies
16h32m

If you think about it, the US seems to be voluntarily headed to universal plug for charging EVs after many years of incompatibility. EU got that almost immediately.

Though, it can be argued that the US plug is a bit better since the standart that almost all companies finally agreed to adopt is the Tesla one. However, it could have been the other way around too - the companies could have adopted a very shitty plug if Tesla had a shitty plug simply because their adoption is based on the charging network dominance and not on the plug superiority.

So, I guess its not a clear cut.

baliex
0 replies
1d1h

Not just malice, profit too

pfdietz
11 replies
1d1h

I already unlinked myself from all those.

plussed_reader
6 replies
1d1h

How?

xyst
2 replies
1d1h

Not using them, or deleting accounts

plussed_reader
1 replies
22h58m

Neither of those are unhooking the services from each other.

pfdietz
0 replies
22h0m

I already unlinked myself from all those.
dewey
2 replies
1d1h

Probably by not using them in the first place.

pfdietz
1 replies
1d

Bingo!

moffkalast
0 replies
22h47m

Galaxy brain move.

georgeecollins
3 replies
1d1h

Me too, but unfortunately the Quest 2 and Quest 3 are really good if you like to use VR. So now somewhere I have a Facebook account that does nothing except report on what VR games I am playing. Hopefully no one is friending me! If so, sorry for the spam of useless information.

MikusR
2 replies
1d

Quest stopped needing a Facebook account more than a year ago.

bonton89
1 replies
23h44m

Now it just needs a Meta account, totally different thing.

MikusR
0 replies
11h6m

This, but unironically.

superjan
6 replies
1d1h

If that’s what it takes to get them compliant with EU’s GDPR, shouldn’t the same apply to youtube and gmail? Or the rest of google services, for that matter?

Sjonny
3 replies
1d1h

I recently got a popup in youtube to unlink the accounts, so already on their way.

0cf8612b2e1e
1 replies
23h3m

Does this mean a potential Google YouTube ban would be firewalled from a Gmail ban?

nolist_policy
0 replies
22h24m

Nope:

Your data from all Google services, regardless of whether they are linked, may still be shared across all services for certain purposes, like preventing fraud, protecting against spam and abuse, and complying with the law.
flohofwoe
0 replies
1d1h

Yep, just wanted to write that exact same reply. It was one or two weeks ago and asked for permission to unlink YouTube, GMail, etc... from each other (as I understood it, when "opting out", login with the same Google account will still work, but they're not allowed to share data for ad profiling, recommendations etc...)

SushiHippie
1 replies
1d1h

I got a popup today after opening google play, which let me decide if I want these services linked together or not.

SushiHippie
0 replies
1d1h

This is the information they provided:

About linked services Google currently shares data across its services for the purposes described in its Privacy Policy at g.co/privacypolicy, and depending on the previous choices that you've made about your privacy settings, such as Web and App Activity, YouTube History and personalised ads.

As of 6 March 2024, new laws in Europe will require Google to get your consent to link certain services if you want them to continue to share data with each other and other Google services as they do today. For example, linked Google services might work together to help personalise your content and ads, depending on your settings.

Services you can choose to link You can choose which services to link from this list of Google services:

Search YouTube Google Play Ad services Chrome Google Shopping Google Maps All other Google services that are not listed here are always linked and therefore able to share data with each other for the purposes described in our Privacy Policy, depending on your privacy settings

What data is used Personal data that is collected about your interaction with Google services can be shared across any linked services. This includes:

Searches Videos you watch on YouTube Apps you install from Google Play Associated info, such as your device info All the other types of info described in our Privacy Policy How Google uses this data Google uses data shared across linked services for all the purposes that are set out in our privacy policy:

Providing personalised services, including content and ads, depending on your privacy settings Maintaining and improving our services Developing new services Understanding how people use our services to ensure and improve the performance of our services Performing other purposes described in our privacy policy What won’t be affected The choices you make about linked services will not change:

The purposes for which Google uses data Your privacy settings, such as choices you have made about personalising Google services Aspects of a service that don’t involve sharing data The following can always be shared across Google services:

Info that’s associated with your Google Account and not specific to any service, such as your profile picture or the info used to verify your identity Content or info you’ve chosen to make publicly available on Google services, such as comments you’ve posted on YouTube Your data from all Google services, regardless of whether they are linked, may still be shared across all services for certain purposes, like preventing fraud, protecting against spam and abuse, and complying with the law.

Your data may also be shared across Google services to effectively help you complete tasks when two services are offered together. For example, if you make a purchase on Google Play, Play and Google Payments will share related info so that you can complete your purchase.

Things you should know Other settings let you control whether you see personalised content or ads. Linking Google services is not about sharing your data with third-party services.

If services aren’t linked, some features that involve sharing data across Google services will be limited. For example, if you have personalisation on for a service in your privacy settings but don’t link that service, you won’t get personalisation based on data from other services, but can still get personalisation based on data from that service.

You won’t be signed out of any Google services if you choose not to link services.

How to manage linked services You can manage your choices, including selecting other Google services to keep linked or withdrawing your consent, in your Google Account at myaccount.google.com/linked-services. You can also manage your other settings, like Web & App Activity, YouTube History and personalised ads, in your Google Account.

black_puppydog
6 replies
1d

I'll hold out on whatsapp until I can unlink "send this text to that number" from "here's a copy of my entire phone book"

Timshel
2 replies
1d

Not to encourage you to use whatsapp but on android an empty work profile is nice for this use case.

nolist_policy
1 replies
22h28m

I just use OpenContacts from F-Droid and leave my phone contacts empty. OpenContacts has a extra button to open a contact in Whatsapp.

yepguy
0 replies
15h24m

GrapheneOS has a feature called contact scopes[1] that lets you pick which contacts apps have access to. It's great!

[1]: https://grapheneos.org/usage#contact-scopes

DaiPlusPlus
2 replies
23h43m

"here's a copy of my entire phone book"

I don't know how or why that was ever legal in the first place, and why Facebook and LinkedIn haven't been sued to death over it.

The contacts-matching system is how Facebook and LinkedIn'ss ultra-creepy "People you might know" list works, and I have no-doubt this will have led to things like journalists' confidential sources being discovered and harmful outing of closeted people, and worse.

whywhywhywhy
1 replies
23h29m

I’ve never uploaded my contacts to FB but it still recommends people I worked with or met 20 years ago because they uploaded theirs.

Extra evil because you can be triangulated from the uploads of many naive people, so essentially they win in the end.

aqfamnzc
0 replies
20h56m

Same situation with DNA. I may avoid getting an online genome test, but once a couple cousins send theirs in I'm basically a part of the network at that point

ryandrake
5 replies
23h28m

This is great, now do Oculus. I shouldn't need to have an "account" to use my O.G. Rift offline. It's like needing an account to use a monitor.

Handprint4469
2 replies
23h9m

It's like needing an account to use a monitor

Given the current enshittification trends, I would not be surprised if in the next few years Samsung, Acer, LG, et al decide that a subscription model for monitors is exactly what they need to pump those share prices up.

wepple
1 replies
20h51m

IIRC I required a Samsung account to use my TV. Won’t buy anything from them again.

tacocataco
0 replies
3h47m

Definitely don't get samsungs refrigerators.

I've heard similar things about their other appliances but I've only ever owned the fridge.

str3wer
0 replies
11h31m
colordrops
0 replies
21h45m

I tried using John Carmack's instructions to unlock my old Oculus Go, which involved your Facebook account for some reason, and got banned from my account twice.

BiteCode_dev
5 replies
1d

Same with google with youtube.

Good.

People keep bashing EU for making innovation hard, and there are a lot of truth to it.

But I welcome this kind of restrictions.

sofixa
2 replies
23h58m

The EU doesn't make innovation hard, it just puts rules in place to ensure that your "innovation" cannot be abusing users' data.

Nothing is stopping any of the thousands of EU companies innovating in all sorts of fields.

dataking
1 replies
13h51m

While I agree that there is lots of innovation and talent in the EU, I think there is also an "innovation gap" with other developed economies. Here's a take from the Economist [0] but you can find similar articles from the Financial Times, Blomberg, and other similar outlets.

[0] https://www.economist.com/europe/2022/02/26/europe-is-the-fr...

danielscrubs
0 replies
11h59m

It is a hit piece here for example they compare a whole group to a subset:

“western Europeans were a quarter poorer than Americans in 1990, and remain a quarter poorer today. ”

And when they say they do less research Id argue the research is done in universities for the benefit of mankind instead of something corporations do. Latest example is Stable Diffusion developed by the CompVis group at LMU Munich.

But if you ask the common man he will say it is something by OpenAI.

There are really no good institutions left, only good people.

smoldesu
0 replies
20h38m

People keep bashing EU for making innovation hard, and there are a lot of truth to it.

If you consider the GDPR or DMA limitations on "innovation", then I don't want you innovating.

okanat
0 replies
17h54m

If it is easy, it is not innovation. You're not finding and improving a thing then. True innovation requires novelty and effort. Even smallest innovative projects require many many thoughts and redesigns until they become even an MVP.

The US tech giants were coasting and amassing compound wealth without by innovating but buying the innovative companies or disregarding a basic human right: privacy.

True innovation is and should be difficult and it shouldn't come at the cost of human rights that people has fought over for centuries, sometimes with their own blood.

gevz
4 replies
1d

Is there a criteria to be qualified as a EU user? I assume there must be more than just geo-ip location. What will happen if I pretend I moved to EU for the sake of decoupling all Facebook accounts.

calmoo
1 replies
1d

These days most accounts are geolocated by your phone number, in my experience anyway.

gevz
0 replies
1d

It seems that Facebook proper does not require you to have a phone number. I just tried signing up and there is an option to use email.

reincoder
0 replies
21h49m

I work for IPinfo. I often see IP geolocation data being used for compliance purposes, so I will share some insights.

This question relates to algorithms and the definition Facebook has set up for "EU User". What parameters have Facebook's legal team considered adequate to label an account belonging to an EU user? It is difficult to say.

They will probably look into multiple factors like phone number location and GPS-backed data to identify the true location of an EU user. Now, the interesting part is that if you use a VPN quite frequently, you will notice that IP geolocation data is treated as a universal truth on cookieless interactions. Facebook will likely have a significant amount of data beyond IP geolocation data to infer the location information of their user. But they are likely not going to do that as they launch this new feature. So, it all comes down to how seriously Facebook wants or is required to identify an EU user.

rconti
0 replies
17h5m

Same question. EU IP address? For how long? EU citizenship? But EU citizens shouldn't have to send their passport info to Facebook in order to unlink accounts.

Euphorbium
2 replies
1d1h

Google also let me unlink youtube and other services. Probably forced by EU.

bandergirl
1 replies
20h29m

Source? What do you mean by “unlinking”? There is no YouTube login, are you saying it will spin off a new gmail/google account?

copirate
0 replies
18h5m

YouTube also asked me if I wanted to unlink my YouTube account from other Google services. I can change this setting at https://myactivity.google.com/linked-services and it says:

Google currently shares data across its services for the purposes described in its Privacy Policy at g.co/privacypolicy and depending on the previous choices you’ve made about your privacy settings, such as Web & App Activity, YouTube History, and Personalized ads

As of March 6, 2024, new laws in Europe will require Google to get your consent to link certain services if you want them to continue to share data with each other and other Google services as they do today. For example, linked Google services might work together to help personalize your content and ads, depending on your settings.

The whole text is here: https://pastebin.com/iSmeJ5WB

diebeforei485
1 replies
21h3m

Can they do YouTube next?

ozyschmozy
0 replies
20h25m

They already did, the news of Google doing the same on hn last week iirc.

anticensor
1 replies
1d1h

This unlink would just be a formality, as they would still be able to correlate those users anyway.

pgeorgi
0 replies
1d

That's a great way to route 4% of their global earnings into the EU's bank account.

xyst
0 replies
1d1h

What about “threads” accounts? I believe these are directly tied to IG accounts.

vodkapump
0 replies
11h24m

Users can continue using Messenger with their Facebook account or create a new account completely independent of Facebook

So you can't unlink your facebook and messenger, just create a new messenger account without a facebook account. That's sad.

thegrizzlyking
0 replies
16h49m

This should be the default for all mergers above a certain threshold number of users and part of FTC consent decree.

pwdisswordfishc
0 replies
23h13m

I’ll believe it when each service is operated by an independent company.

jscheel
0 replies
18h9m

Their ham-fisted linking of facebook and instagram accounts has been an absolute nightmare for those of us that use their messenger apis. It has never fully worked correctly, and has led to more lost dev time than I care to count. I can't even begin to imagine how much worse this is going to make it.

its_ethan
0 replies
19h12m

If I used a VPN to place myself in Europe, could I unlink my accounts?

gerash
0 replies
19h42m

can someone ELI5 what unlinking a "Facebook account" from a "Messenger account" accomplishes?

IMHO we should strive to remove moats around digital services so new competitor can pop up and provide competing services in a short amount of time but somehow EU thinks creating busy-work for the engineers of incumbents is the right approach.

I already despise the "accept cookies" noise on all websites and don't tell me "Oh, it's bad compliance, blah blah". If so, then write a new more useful law instead.

exabrial
0 replies
21h44m

What would have been better is if the three things were just split up into separate businesses. Monopolies are annoying.

But I'll take progress over perfection, glad to see the move.

boppo1
0 replies
13h49m

If I reside in the US but am a dual US-EU citizen, does this apply to me?

barnabyjones
0 replies
15h46m

Shoutout to Max Schrems and Noyb, even if they weren't apparently involved in this decision. That organization seems to be the main driving force behind serious GDPR enforcement by submitting regular legal complaints, the data authorities occasionally take up a case on their own but usually seem content to stick to small violations. It really shows that having laws on the books isn't enough, and even public awareness is not very helpful, what really matters is having lawyers pushing hard for enforcement.

Zuiii
0 replies
16h40m

So how does a non-eu user get this privilege? Is using VPN in EU enough?

Havoc
0 replies
17h44m

Guessing UK isn’t getting this. Hashtag brexit benefit sigh

CatWChainsaw
0 replies
22h21m

My facebook sits abandoned for the better part of a decade and I never got messenger or instagram. Since they're all under the same umbrella I question the actual benefit. Seems like it would be placebo more than anything.

1oooqooq
0 replies
20h38m

because it's all linked in WhatsApp, which is the only thing anybody still actively uses anyway