GDPR doesn’t require them to ask if they would just not violate our privacy. In other words, it’s perfectly legal to assume “no” if they have no means of asking.
The requirement to not track users with cookies does not extend to cookies that make the site work in the first place, such as those which track your login session, or your refusal of other cookies.
CNN: We can’t ask if you want to allow cookies because you’re blocking everything
Me: Which means I don’t want you to……….?
CNN: No idea, we have to ask you.
Me: I’m so strict you can’t even ask meaning………?
CNN: You….
Me: Yes?
CNN: Uh………… don’t want……
Me: Yesssss………
CNN: To miss out on us asking you.
Thos but unironically. GDPR
GDPR doesn’t require them to ask if they would just not violate our privacy. In other words, it’s perfectly legal to assume “no” if they have no means of asking.
It’s not only legal to assume, it’s a requirement to default to “no”.
Tracking is opt-in.
The requirement to not track users with cookies does not extend to cookies that make the site work in the first place, such as those which track your login session, or your refusal of other cookies.
so don’t track login sessions, etc.
no cookies, no problem with not having asked for cookie consent.
if the site breaks, it breaks, and leaving it broken is a choice users can make.