Very few of those are about consent. Which is quite striking, as practically all of the spyware nags are illegal and thus the consent is violated probably billions of times every day.
Given that I encounter at least one violation a day, it's really a small list.
It should contains hundred of thousands of entries.
Like fines for speeding.
Imagine if you had a page for parking tickets since 2018 (!) and it contained only a few hundred penalties.
This is ridiculous, especially since:
- it's not hard to find most cases. Just take any cookie banner that makes harder to opt out than opt in, and that's it, you have a violation. It can even be automated.
- it can bring a lot of money to a system that is dying for it.
Are you reporting such violation? How authorities would know about it?
Also the jurisdiction is in question. Who should enforce? Country where user is? Country where domain is registered? Country where data center with servers is? Country where nominal owner of the web page is? Country where final beneficiary is? Country where creator of the banner is?
The jurisdiction is EU (GDPR is binding legislation for all member countries, not dissimilar to US federal law), and the enforcer is primarily the country where the company that owns the website has European incorporation.
In theory anybody can report to their country's data protection officer, although at least in Finland they don't care about individual citizen complaints.
The NGO noyb is sending out batches of these reports. They have some minor wins, but as you can probably tell from all these nags around, by and large there's not much effect.
