Personalised ads without consent to EEA users

[Xaero]

Not sure if this is the right place to report something like this but it is a bug so it probably fits here.

Declining the personalised ads/cookies consent on the "files" page of this site requests non-personalised ads like it should BUT personalised ads are still requested and shown after refreshing the page.

Also, cookies are used for non-personalised ads too, so you might want to change the wording of the message a bit. Consent for using cookies and consent for personal data processing are 2 separate things.

[LexManos]

Interesting i'll look into it, however from all of our tests that is not the case. Can you provide what exact version of your browser, you are using. And any possible addons you may have that are interfering with basic java-script functionality. As for the wording, we've had it vetted and it seems to be fine to most reasonable people. I'll see if Paleo can think of even more explicit terms.

[Xaero]

I doubt it's my browser. It's the same on Chrome and Edge. On Firefox it says that I have adblock on, which isn't true. I guess that's another bug
EDIT: Accidentally posted lol. You should check the ad request URLs for whether the ads are personalised or not. If they don't contain "npa" then the ads are personalised. And I don't think any of my addons can affect this. Here's some info:

Google Chrome	67.0.3396.87 (Official Build) (64-bit) (cohort: 67_win_87)
OS	Windows 10
JavaScript	V8 6.7.288.46

Edited June 13, 2018 by Xaero

[Xaero]

And I don't see 

(adsbygoogle=window.adsbygoogle||[]).requestNonPersonalizedAds=1;

called anywhere in the source or in the scripts that are loaded. It's only in the revokeConsent() and giveConsent() functions. And revokeConsent() isn't called anywhere either from what I've seen (excluding the decline button). Like I said, it's like this only after refreshing the page.

Edited June 13, 2018 by Xaero

[LexManos]

I think I see where he screwed up. The cookies laws are just dumb, not even the EU's site regarding guidelines for cookies can be entered without storing at least one cookie.

How ever, I've changed the wording slightly, and made the theam code use the normal accept/decline methods. https://github.com/MinecraftForge/Web/commit/53e2919f90a43326e74e25deb3da49ab6d370936

This should be a good stop-gap until paleo can take a look at it.

[Xaero]

Works like it should now. Good job

And I know that this law is pretty weird and confusing. I'm pretty sure a CDN can create cookies under the site's domain but it's not something you have control over. Hopefully such cookies are an exception as they are required to view the site. 

BTW, I know that you are not allowed to refuse services when consent to processing personal data was not given but I don't think it's the same for cookies. This means that you can "force" the user to make a choice before they can access the rest of the site. PlanetMinecraft have done it this way.

I've also read somewhere that if a user requests a service that requires the use of cookies, then no consent is needed: 

"Under the 2012 ePrivacy Directive, Cookie Consent is always required to set cookies, unless the cookies are strictly necessary to deliver a service requested by the individual".

Might fit your dark theme control but I've seen statements that say that all cookie use requires consent and that there will only be exceptions in the future.