I never consent to give my data away or being tracked, but how do you deal with so called legitimate interest? I tried several times to untick them but it is a long list (in fact at the bottom there is a “vendors” link with even longer, much longer list. It took me 10 minutes to get to the bottom of it once).
My questions:
-how can we trust these so called legitimate interests when they are self defined by companies whose business model relies on your data?
-how can we find out what these legitimate interests are and what data it collects?
-are such companies controlled in any way?
-is this kind of consent form compliant with EU gdpr? (normally opt out is to be as easy as opt in, and there is no “refuse all” for these so called legitimate interests).
-what are your strategies against such sites tracking you? Or am I just being paranoid?
The sheer amount vendors is daunting, the Internet really turned into crap
Edit: when clicking Preferences at the bottom the content of the legitimate interested is spelled out for each vendor, so this replies one of my questions.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 3.11K Posts
- 77.9K Comments
- Modlog
They key word here is “their”. Not your interest, theirs.
Legitimate interests may be those that allow the functionality of the service as such (eg. technical details), all others are blocked or fed with false data to make it clear to them, where they can introduce these “legitimate interests” with Vaseline.
fair enough, i have a legitimate interest in always blocking trackers and advertisements in every device i own too
Do not question, just obey.
Legitimate Interest is an attempt at working around the GDPR using a loophole in the ruling meant to permit processing of data in situations such as when a business has a trading relationship with a client.
However the legal clarification from the EU Commission says: “Your company/organisation must also check that by pursuing its legitimate interests the rights and freedoms of those individuals are not seriously impacted, otherwise your company/organisation cannot rely on grounds of legitimate interest as a justification for processing the data and another legal ground must be found.” (see here) and there is a “right to privacy” in EU law.
So supposedly that nearly endless list of “partners” (read: advert providers, trackers and other assorted businesses who make money from breaking people’s privacy) cannot use legitimate interest to track you as that would break your right to privacy.
That said, in practice they probably do, and until they get fined hard they’ll keep on doing it, so as others said, don’t used a Chrome-based browser and use a good Ad Blocker add-on.
Just autowipe cookies on pageloads. Use fast rotating vpn, tunnel through tor twice, run computer in ram only, remove all storage devices.
Amateur advice. Don’t own your own device. ask your friends to look up things for you on their devices, then print them out and mail them to your PO Box. Untraceable.
But how did you pay for the PO box? Using cash, think of the fingerprints. And don’t forget about the post office spies
Solution, don’t have an address or talk to anyone ever, scavenge your own food.
Untraceable
What about the cats?
The musical or the movie?
Honestly? I wouldn’t trust either.
Ez
Use Firefox (or a hardened fork like Mull) with uBlock Origin and you’ll never see this BS again
It’s their interest, not yours.
Your honor, it was not a rape, it was my legitimate interest in sex.
“If it’s a legitimate interest, the browser has ways to try to shut that whole thing down”
How was the browser dressed?
I mean depending on the context it might be a decent defense
Your choice of words was absolutely terrible. There is no such thing as a decent defense of rape. Now, an effective defense in our busted legal system? That’s a whole different story. But “decent” does not apply in cases of sexual assault and violence. Ever.
If the person is innocent until they are proven guilty. Also it is entirely possible they were innocent
Your reply is completely unrelated to what I said. There is no such thing as a decent defense for raping someone. If they didn’t rape anyone, good! If they did, that is an indefensible act by its very nature.
I made no comment at all on whether or not any specific individual is guilty or not. So I’m really confused what your point is here…?
You are saying that they don’t set a defense. No matter the crime, you deserve defense. No one, not even sexual predictors, deserve to be stripped of constitutional rights. Such things also are related to prejudice.
No. Read it again. I never said allegation. I never referenced court proceedings. I said the act of rape is indefensible.
If you commit rape, there is no “decent” defense. If you didn’t, then my comment doesn’t apply. Simple as that.
There is no excuse for sexual violence, and there never will be.
When the government takes your data they will call it legitimate
They will call it legal and we will like it.
IANAL, but iirc if you’re in the eu, legitimate interest is not legal basis for data processing but they may still store it for later use if you ever agree to one of these
I am like 90% sure they use it regardless.
OP:
posts about tracking and not consenting to give data away
also OP:
uses Google Chrome
Bromite and Cromite are a thing too
Bromite? Not anymore. Cromite? Absolutely.
Firefox, Fennec and Mull are a thing
Yes I use Mull but this does not look like a Firefox-based browser
Mull is a firefox-based browser developed by DivestOS, Mulch is developed by the same team but it’s based on Chromium
I used cromite for a while, and in general prefer it to Mulch, but I stick to it for the webview. (only way that seems to have the webview replace Google’s is to define Mulch as default browser). I still often use cromite too
Edit : not just cromite in fact 😅
Wrong, that’s Mulch. Uninstalling and deactivating Google apps is the first thing I do. Android system webview is the tricky one, but Mulch has a webview too. Still the default one manages to creep in sometimes, and deactivating it breaks things that call it specifically. Edit: there is a system webview setting under Developers tools, but Mulch’s does not appear there
Mulch ain’t the worst, but there are better options. Generally, I would recommend a Firefox-based browser instead of Chromium, because it has full extension support (including adblockers). You can check out this comparison chart, or this one.
https://github.com/cavi-au/Consent-O-Matic
You can just use uBlock Origin with this list to hide the cookie notices: https://www.i-dont-care-about-cookies.eu/abp/
Won’t help with websites that (illegally) have cookies enabled by default.
You can (and probably should) configure Firefox to automatically block all 3rd party cookies
What about first party cookies?
These cookie consent notices are mostly about 3rd-party cookies. In fact, they often don’t let you completely reject cookies, you can just choose whether you want 3rd-party cookies.
Multi-Account Containers to separate your tabs. Then wipe all cookies on closing.
Or just use consent-o-matic
There’s no such thing as legitimate interest. Reject what you can, block everything else with adblockers.
This is the exception to prove the rule that the other interests are definitely illegitimate. This is the website telling you that they give away your data for illegitimate purposes.
It’s not a surprise. We knew this was true. But seeing it’s spelled out like this is a little galling.
Illegitimate: not authorized by the law; not in accordance with accepted standards or rules
The website is basically admitting that they’re using your data maliciously, intentionally, by having this distinction.
While you’re right conceptually, this isn’t what the wording means in terms of consent dialogs. Legitimate interest means they can assume, legitimately, that you have an interest in aspects of the site (by you being there) that require X cookies, basically. Ie their product is providing functionality they can assume you’re interested in just by being there, and they’re “pre approving” the tracking/storage for that functionality.
I concur that it’s rubbish and used almost always in a manner that reeks of illegitimacy.
That’s not quite what it means. Legitimate interest is a term from the GDPR, and is one of the legal bases on which a company may process your personal data. Essentially the company has a “legitimate interest” (i.e. reasonable purpose) for which your data must be processed.
Typical examples of legitimate interest are: fraud prevention, direct marketing, or ensuring network/information security of their IT infrastructure.
The rest of your comment is essentially correct though. Notably, the examples above are not exhaustive: legitimate interest is fairly vaguely defined. And there is a process in the GDPR to object to your legitimate interest claim. This has resulted in essentially all data collection companies claiming a generic legitimate interest on your data, and it’s up to you to object to all of them individually. This undermines the general “you must opt in to tracking” principles of the GDPR, but until privacy agencies of the EU get around to some enforcement that’s how it is.