Are you sure? That's new to me.

https://en.m.wikipedia.org/wiki/EPrivacy_Directive says

> The Directive provision applicable to cookies is Article 5(3). Recital 25 of the Preamble recognises the importance and usefulness of cookies for the functioning of modern Internet and directly relates Article 5(3) to them but Recital 24 also warns of the danger that such instruments may present to privacy. The change in the law does not affect all types of cookies; those that are deemed to be "strictly necessary for the delivery of a service requested by the user", such as for example, cookies that track the contents of a user's shopping cart on an online shopping service, are exempted.

Language preferences are (in all of the deployments I've seen) legally categorized as functional cookies and not strictly necessary cookies. Same with e.g. dark mode/light mode or other preference toggles

functional cookies would be strictly necessary cookies, wouldn't they?

The wording is annoying, but no. I’ve received legal advice on this topic. Functional cookies are not strictly necessary. It seems very backwards but it’s how the industry currently treats things.

Read: https://gdpr.eu/cookies/ …after you dismiss the cookie banner, of course. I add this not only as a quip but to highlight that even a gdpr explainer website which you’d expect isn’t doing the evil thing of tracking users, has interpreted the relevant laws such that it finds it necessary to promt the user in order to simply explain the gdpr and epd/epr…

The way I read this proves you wrong:

> Cookie compliance [heading]

> To comply with the regulations governing cookies under the GDPR and the ePrivacy Directive you must:

> Receive users’ consent before you use any cookies except strictly necessary cookies.

(emphasis not mine, but would have added it)

A language preference cookie is colloquially considered a preferences cookie, which is included in the except strictly necessary cookies.

I'm not sure what you mean but our ancestor comment describes this clearly.

A language preference cookie is not tracking.

https://news.ycombinator.com/item?id=44426726#44431268

You didn't read what I sent. https://news.ycombinator.com/item?id=44434919

The GDPR is different from the ePrivacy Directive. The EPD is responsible for cookie consent. And it has the language addressing preferences cookies.

I did, I quoted stuff from it, but you are not helping. You should quote the things relevant to the point your are making. Especially when you notice people are not picking up. You also keep saying that gdpr is not EPD, but your link is short on details about this and with this point, you lead me to seek information in sections that are irrelevant.

But I see what you are saying now. That page lists the different purposes, including preference cookies (which include language preferences) and strictly necessary cookies, and I know asking consent is not necessary only for strictly necessary cookies (this page says it, I quoted that part earlier).

If that page is right, you are right and I was wrong. Thanks for persisting.

Well, that would be a shame, and that probably would explain why cd.cz makes me pick English each time I visit. I was assuming they could just save this preference in a cookie, but they obviously wouldn't be able to since I didn't provide consent, since I hide the cookie banners and they don't ask for consent later when needed.

Now, that page is not authoritative and I see it criticized here: https://www.reddit.com/r/gdpr/comments/vniefz/strictly_neces...

I guess it it safe to ask consent in doubt, but I'm not yet convinced the language cookie cannot be considered strictly necessary. How can you correctly provide a requested service to a user if you don't use a language they understand, and how storing the language is not for fulfilling an explicit request from them?