Drive we are so privacy focused here. What is to prevent myself or anybody out there, from starting to report individual instances of GDPR and CCPA.

No lemmy insurances are complying with national privacy laws and nobody is talking about it at all.

  • awderon@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    There is only one cookie present when I inspect the Cookies with my browsers dev tools. Which seems to be the auth token for my account.

    • trouser_mouse@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      As far as I am aware, a user authentication cookie is classed as personal data and therefore subject to GDPR!

      • awderon@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Receive users’ consent before you use any cookies except strictly necessary cookies.

        Wouldn’t the auth cookie fall into the strictly necessary category?

        • trouser_mouse@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I’m no expert so hopefully someone will be able to chip in. I know when I have dealt with GDPR stuff, there has been quite a lot of conflicting opinions!

          Even if it is not required to get consent for that, I think there is also a requirement around explaining to the user what they do and why they are necessary.

          • awderon@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I’m also no expert, just trying to learn more about the topic as it’s kind of interesting to see how other people are interpreting it.

            • trouser_mouse@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Just as an example, this is Reddit’s cookie notification compliance - so something similar to this should be presented so that I know what the cookies are used for in plain language and can accept or reject any non-essential cookies. I should also be able to give or withdraw my consent at a later time.