> Can we cut through the clickbait and see what's wrong here. If my website askes users for their permission to use GA and they click yes then is that still illegal here? I see this as yes it's still illegal.
From what I can tell: If you ask your users for permisssion ("informed consent"), then no, it is not illegal. The way I understood the court case in Austria, the disputed point was whether or not the use of GA falls under the GDPR. If it does fall under it, then you are obliged to ask your users for consent ("opt-in"). If it does not, you can use it freely without consent.
Because analytics data isn't worth that much if you collect only part of the data, most collectors of data do not want to ask users for their consent, because most users would reject this.
But IANAL. In any case, please stop using Google Analytics, and self-host your analytics using Matomo, Plausible, or something similar. Matomo can also be configured to use server-side analytics, in which case your analytics become both less invasive (no client-side JS needed) and more complete (can't be blocked by ad-blockers).
I think this is basically a fat EU lie - that if you pop up a cookie popup most users say no to cookie banners.
I've heard that if you do a non-modal cookie banner, 75% of people just ignore it rather than go into it to deny cookies. About 12% (half of remaining) click accept all cookies. The rest close it again without taking action if they can.
I realize there are folks who go into things and customize everything on every website - most users I think don't care enough.
What's funny -> your ISP might be selling your browsing history. Your TV is selling your watching history and no one cares. But cookie pop-ups everywhere is all these privacy idiots can think about. It's performative privacy, that annoys the heck out of a lot of users and wastes a ton of time.
My hypothetical ISP and TV would also be violating GDPR if they did such things. They might currently face fewer lawsuits than google but that doesn't mean that no one cares.
"Internet Service Providers on the European market cannot sell the browser history of their users, without their explicit and informed consent". So they add another paragraph in the sign up screen you have to click yes on to get your discounted service.
This is the failing of the EU model. Users will provide consent to access a service in most cases. To work around that no the EU is jumping through all sorts of highly subjective hoops around what is explicit consent (it's usually pretty darn explicit), coming up with ideas of legitimate interest (talk about subject to interpretation) etc
From what I can tell: If you ask your users for permisssion ("informed consent"), then no, it is not illegal. The way I understood the court case in Austria, the disputed point was whether or not the use of GA falls under the GDPR. If it does fall under it, then you are obliged to ask your users for consent ("opt-in"). If it does not, you can use it freely without consent.
Because analytics data isn't worth that much if you collect only part of the data, most collectors of data do not want to ask users for their consent, because most users would reject this.
But IANAL. In any case, please stop using Google Analytics, and self-host your analytics using Matomo, Plausible, or something similar. Matomo can also be configured to use server-side analytics, in which case your analytics become both less invasive (no client-side JS needed) and more complete (can't be blocked by ad-blockers).