• Katana314@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    11 months ago

    Not written in a direct, full, and literal sense, only because it’s difficult to legally define a login, but:

    “The data subject shall have the right to withdraw his or her​ consent at any time […] It shall be as easy to withdraw as to give consent.”​

    src

    Articles that interpret this directive also say that one expectation of this wording is that users should not need to log in. Arguably, registering by scribbling a random password is “easy”. Remembering that password later is “hard”.

    • Skull giver@popplesburger.hilciferous.nl
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      9
      ·
      11 months ago

      Personally, I’d consider remembering the credentials for the service you’ve signed up for to be easy. I think it’s unfair to expect companies to treat their users as utter idiots.

      That’s not to say this specific company isn’t breaking any laws (least they could do is add a login form to the page you’re linking to), but I find it a bit much to expect companies to design a secure single-token login system that integrates with their newsletter system; such unnecessary technical design expectations only increase the risk that a badly designed authentication system causes a data leak.

      The CAN SPAM act is a lot clearer in this sense, it spells out the “single web page” requirement. I suppose you may as well design for that, but I’m not a fan of the infatilisation of internet users.

      • Eranziel@lemmy.world
        link
        fedilink
        English
        arrow-up
        13
        ·
        11 months ago

        It’s not infantilization. These bills are designed to prevent “one more hoop” design by the company to make it too annoying to unsubscribe. Your position assumes good faith behaviour by the company with the newsletter. That is absolutely not a given.

      • Katana314@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        The point of the easiness of unsubscription isn’t to make it possible for total idiots. It is to make it frictionless.

        Take law - since this technically is on the same subject. So, so much of the legal profession now (unfortunately) involves putting up so many rudimentary roadblocks that people are compelled to settle and agree. Firms suing small companies with single attorneys will send massive archives of paper during discovery. They’ll file an irrelevant “first amendment” claim to defend their actions, all to make sure people’s time is occupied. Even if the opposing council is qualified to respond to and dismiss every single petulant thing, it will take up their precious time, stressing them and reducing how long they have to form an argument.

        Law practice has actually similarly introduced legislation to prevent frivolous lawsuits and paperwork overload. On the idea of newsletters, it’s especially important for it to be easy because many people have been erroneously signed up for MASSES of them. It should be; Click, Click, gone.