DEV Community

Adam Crockett πŸŒ€
Adam Crockett πŸŒ€

Posted on

πŸ‡¬πŸ‡§πŸ•΅οΈ GDPR, can I avoid that giant preference modal?

GDPR ruined my initial experience of websites all over the place, mostly the web in the UK, I hate it so much. Can I be compliant without displaying a massive deceptive banner? How do some large companies avoid it? Does local storage count? does indexdb count?

I like giving the user options that's great but not so intrusive. Is it possible?

Top comments (3)

Collapse
 
awwsmm profile image
Andrew (he/him)

I think most companies do that just to make it extremely obvious that they're following the law (or at least attempting to). I'm sure there are more elegant ways to do it, but if you're concerned, I would definitely consult a lawyer.

Collapse
 
moopet profile image
Ben Sinclair

I'm going to be that person:

The easiest way to not display a massive deceptive banner is to display a massive, non-deceptive banner. If your problem is that the banners you're seeing are deceptive then the problem is that those sites are deceptive. Stop using them, report it to their GDPR officer or report them for breaching it, depending on whether it looks like an oversight or active deception.

The second easiest way to not display a massive banner is to not do anything that impacts your users' privacy. Don't use third-party trackers, don't use hosted ads, don't sell their data without their consent, that sort of thing.

What you have to think about GDPR is that in countries outside the EU, they have the same practices but don't tell you about them... and companies whose sites don't work in the EU for "technical reasons" are exploiting their users.

Collapse
 
marcusatlocalhost profile image
Marcus

you could use sessionstorage in browser instead of localstorage
Maybe here are some answers:
law.stackexchange.com/questions/30...
softwareengineering.stackexchange....

Make sure you don't share data with 3rd parties or if, you have to disclose it anyway.
Maybe build your app without storing anything first and then ask for permission before storing anything?!
To cache data use session storage first and once a user is registering with your service you get their permission to store it (settings or whatever) permanently in their browser, and disclose it.

Last but not least, I have no idea because I'm not a lawyer, but if you design privacy first, you should be fine.