Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How would it not be? "I refuse cookies" is not a protected class, thus a private business may discriminate it at will. Same way a business could refuse to admit patrons not wearing shoes or carrying a firearm.


Is that true under the GDPR?


GDPR does not regulate cookies, it regulates usage of PII (personally identifiable information). So blocking cookies on principle is not against it, but collecting PII without consent is. Forcing the user into accepting, such as saying "click accept or pay" also is.

[0] “Consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.” – Example: https://noyb.eu/en/pay-or-okay-beginning-end#:~:text=No%20%2....


US companies aren't bound by the GDPR. European courts have no jurisdiction here.


> Ok, how does an EU court enforce an EU law on a US company with US assets? They can’t.

You mean like this? https://www.bbc.com/news/technology-59909647


European courts have jurisdiction in the EU, and CNBC is accessible in the EU unlike some other US websites, so they have to follow GDPR at least for EU visitors. And as far as I know cookie rejection must not influence the basic functionality of the site.


Ok, how does an EU court enforce an EU law on a US company with US assets? They can’t. That’s my point.


Yes, if this company has no assets in EU and no transactions with EU entities then enforcing this may be hard.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: