The data protection revolution of the last few years has revealed two shocking things. The first shock was that most websites collect a staggering number of pieces of data for an astonishing number of different commercial interests. We suspected things were bad, but we never knew just how bad.
In the early days after new data protection regulations came in, web sites made it too difficult to opt out of all this tracking and collection. In many cases, we needed to opt out of each item separately. Luckily, they provide much better tools now, making it easy to opt out en masse with only a few clicks.
But despite this massive progress, a second shock was still to come. Many websites are still trying to confuse visitors into signing up to things they don’t need (and probably don’t want). Most of the better designed web sites now have three categories of cookies:
- ones designated as essential for the website to function properly as intended. You can’t opt out of these. Fair enough.
- one or more (up to about 4 or 5) optional groups, generally for advertising or for collecting data about use of the website. Current versions of the platforms generally let you opt out of each of these categories with one click. That’s a big improvement.
- a category invariably labelled legitimate interest. In many cases, it lets you opt out only one by one, not with one single click for the whole category.
Whose interest and why is it legitimate?
I haven’t been able to work out what distinguishes legitimate interest cookies from the second category. They aren’t essential, and I rarely want them. I have never yet seen a website explain whose interest these cookies serve or what is legitimate about their interest. It’s a fair bet, though, that it is not my interest and that it wouldn’t seem legitimate to me.
I presume that the phrase legitimate interest originates in some regulation or law. I expect that website operators have taken legal advice that they are using this category of legitimate interest in a way that complies with the letter of law and regulation.
But website operators are failing miserably at communication. Websites now routinely deploy the phrase legitimate interest as a barrier to communication, not as an aid to communication. If deliberate, this is a disgraceful circumvention of the spirit of regulations and laws. I suspect it may be deliberate, because so many of the tools now used do such a good job of making things easy for the site user in every other way.
If not deliberate, it is a classic case of what the linguist Geoffrey Pullum calls nerdview. He defines nerdview as taking the perspective of an insider, designer, or engineer when attempting to communicate with an end user or customer who couldn’t possibly have that perspective. Language Log » The mysterious Interchange Level (upenn.edu)
Nerdview: the occupational hazard of accounting standard setters?!
They’re at it in Germany as well, which shows this phrase must come from some EU directive. The Frankfurter Allgemeine website just asked me to sign up to the usual data protection consents. These included the category of “Berechtiges Interesse”. Sadly, but unsurprisingly, they’re playing the same disgraceful tricks as their counterparts in the Anglosphere. So you have to work quite hard to opt out. Shame on them.