I never consent to give my data away or being tracked, but how do you deal with so called legitimate interest? I tried several times to untick them but it is a long list (in fact at the bottom there is a “vendors” link with even longer, much longer list. It took me 10 minutes to get to the bottom of it once).

My questions:

-how can we trust these so called legitimate interests when they are self defined by companies whose business model relies on your data?

-how can we find out what these legitimate interests are and what data it collects?

-are such companies controlled in any way?

-is this kind of consent form compliant with EU gdpr? (normally opt out is to be as easy as opt in, and there is no “refuse all” for these so called legitimate interests).

-what are your strategies against such sites tracking you? Or am I just being paranoid?

The sheer amount vendors is daunting, the Internet really turned into crap

Edit: when clicking Preferences at the bottom the content of the legitimate interested is spelled out for each vendor, so this replies one of my questions.

  • fluckx@lemmy.world
    1171·
    2 months ago

    Legitimate interest is just bullshit.

    Can I have your:

    • wallet
    • emails received
    • telephone number
    • pin code
    • visa card numbers
    • browser history
    • home address
    • dates you won’t be home
    • alarm code

    I too am legitimately interested in this data.

    • Kairos@lemmy.today
      38·
      2 months ago

      Why are you asking for their consent? You’re using their personal data on the basis of your legitimate interest.

  • mihor@lemmy.ml
    561·
    2 months ago

    Your honor, it was not a rape, it was my legitimate interest in sex.

    • jwt@programming.dev
      16·
      2 months ago

      “If it’s a legitimate interest, the browser has ways to try to shut that whole thing down”

      • pingveno@lemmy.mlEnglish
        10·
        2 months ago

        I’ve seen judges let offenders off light on worse arguments. Unfortunately.

      • forrgott
        5·
        2 months ago

        Your choice of words was absolutely terrible. There is no such thing as a decent defense of rape. Now, an effective defense in our busted legal system? That’s a whole different story. But “decent” does not apply in cases of sexual assault and violence. Ever.

        • Possibly linux@lemmy.zip
          English
          12·
          2 months ago

          If the person is innocent until they are proven guilty. Also it is entirely possible they were innocent

          • forrgott
            2·
            2 months ago

            Your reply is completely unrelated to what I said. There is no such thing as a decent defense for raping someone. If they didn’t rape anyone, good! If they did, that is an indefensible act by its very nature.

            I made no comment at all on whether or not any specific individual is guilty or not. So I’m really confused what your point is here…?

            • Possibly linux@lemmy.zip
              English
              11·
              2 months ago

              You are saying that they don’t set a defense. No matter the crime, you deserve defense. No one, not even sexual predictors, deserve to be stripped of constitutional rights. Such things also are related to prejudice.

              • forrgott
                2·
                2 months ago

                No. Read it again. I never said allegation. I never referenced court proceedings. I said the act of rape is indefensible.

                If you commit rape, there is no “decent” defense. If you didn’t, then my comment doesn’t apply. Simple as that.

                There is no excuse for sexual violence, and there never will be.

  • Aceticon@lemmy.world
    41·
    2 months ago

    Legitimate Interest is an attempt at working around the GDPR using a loophole in the ruling meant to permit processing of data in situations such as when a business has a trading relationship with a client.

    However the legal clarification from the EU Commission says: “Your company/organisation must also check that by pursuing its legitimate interests the rights and freedoms of those individuals are not seriously impacted, otherwise your company/organisation cannot rely on grounds of legitimate interest as a justification for processing the data and another legal ground must be found.” (see here) and there is a “right to privacy” in EU law.

    So supposedly that nearly endless list of “partners” (read: advert providers, trackers and other assorted businesses who make money from breaking people’s privacy) cannot use legitimate interest to track you as that would break your right to privacy.

    That said, in practice they probably do, and until they get fined hard they’ll keep on doing it, so as others said, don’t used a Chrome-based browser and use a good Ad Blocker add-on.

  • GolfNovemberUniform@lemmy.ml
    28·
    2 months ago

    1. Depends on the threat model but usually you don’t trust them. It’s as simple as that

    2. I think the legitimate interest has something to do with giving the data to the government when legally required but it can have other meanings too. Good luck with finding out. Some of them won’t tell the truth even if officially asked (unless you work for the government)

    3. Everything is somewhat controlled but in terms of data collection and sharing it is absolutely not (e. g. the users’ HIV status data on Tumblr or whatever the thing is called)

    4. Idk about that

    5. Regular protection like Tor, VPN, anti-fingerprinting etc

    6. I wouldn’t say you are being too paranoid

    7. Yes the internet has turned into a horrible place

    • ForgotAboutDre@lemmy.world
      15·
      2 months ago

      Legitimate interest is just an out to get around tracking users.

      I wouldn’t be surprised is many data trackers don’t pay attention to any of the permissions and agreements. It’s hard to validate they aren’t in compliance and it’s hard for most people to even challenge these businesses.

      Even if these businesses where legally challenged they can just close the business. Then take the same software and start a new business doing the same thing. If you look at the amount of companies you information is shared with under legitimate interests it can be in the order of hundreds.

    • Joël de Bruijn@lemmy.ml
      5·
      2 months ago
      1. It’s not gdpr compliant in the way shown here or IAB TCF uses it.

      Legitimate interest is a sort failsafe which can be used to cover certain exceptions.

      • the datacontrollor must have an exceptional situation, so not on a regular basis.
      • the balance between personal and business interest must be considered carefully under case by case basis.
      • the dataprocessor isn’t the one doing the consideration

      Automating all this is kind off against all the above.

  • BoisZoi@lemmy.mlEnglish
    4014·
    2 months ago

    OP:

    posts about tracking and not consenting to give data away

    also OP:

    uses Google Chrome

  • Blizzard@lemmy.zipEnglish
    21·
    2 months ago

    There’s no such thing as legitimate interest. Reject what you can, block everything else with adblockers.

  • interdimensionalmeme@lemmy.ml
    20·
    2 months ago

    Just autowipe cookies on pageloads. Use fast rotating vpn, tunnel through tor twice, run computer in ram only, remove all storage devices.

    • nix@midwest.socialEnglish
      27·
      2 months ago

      Amateur advice. Don’t own your own device. ask your friends to look up things for you on their devices, then print them out and mail them to your PO Box. Untraceable.

      • lud
        11·
        2 months ago

        But how did you pay for the PO box? Using cash, think of the fingerprints. And don’t forget about the post office spies

  • Holli25@slrpnk.net
    17·
    2 months ago

    Legitimate interest is a way for the vendors to not need your confirmation. In general, your right to privacy is valued against the vendor’s right to operate. The most often used example is advertisement: in general, vendors are allowed to advertise, as they want to operate and sell their products. But you have a right to your data (e.g. mail adress, home adress, interests…). So courts have to value what is more important. Another example that most people would agree is that clubs want to show what happens in the club, so they publish pictures from their activities (interest of club to show they are active vs personal right to your image). As not every case goes to court, most vendors see their interest as more important and interpret “legitimate” interest rather loosely. So in general, the idea of legitimate interest is compliant with the GDPR, although I believe most sites use it too liberal.

  • umbrella@lemmy.ml
    13·
    2 months ago

    fair enough, i have a legitimate interest in always blocking trackers and advertisements in every device i own too

    • Atemu@lemmy.ml
      111·
      2 months ago

      Your browser cannot block server-side abuse of your personal data. These consent forms are not about cookies; they’re about fooling users into consenting to abuse of their personal data. Cookies are just one of many many technological measures required to carry out said human rights abuse.

    • Rai@lemmy.dbzer0.com
      1·
      2 months ago

      I just accept all cookies. But I use Firefox Focus which deletes all cookies and browsing history every time I close it!

  • voxel@sopuli.xyz
    9·
    2 months ago

    IANAL, but iirc if you’re in the eu, legitimate interest is not legal basis for data processing but they may still store it for later use if you ever agree to one of these