It's important to note they aren't creating laws against infinite scrolling, but are ruling against addictive design and pointing to infinite scrolling as an example of it. The wording here is fascinating, mainly because they're effectively acting as arbiters of "vibes". They point to certain features they'd like them to change, but there is no specific ruling around what you can/can't do.
My initial reaction was that this was a terrible precedent, but after thinking on it more I asked myself, "well what specific laws would I write to combat addictive design?". Everything I thought of would have some way or workaround that could be found, and equally would have terrible consequences on situations where this is actually quite valuable. IE if you disallow infinite scrolling, what page sizes are allowed? Can I just have a page of 10,000 elements that lazy load?
Regardless of your take around whether this is EU overreach, I'm glad they're not implementing strict laws around what you can/can't do - there are valuable situations for these UI patterns, even if in combination they can create addictive experiences. Still, I do think that overregulation here will lead to services being fractured. I was writing about this earlier this morning (https://news.ycombinator.com/item?id=47005367), but the regulated friction of major platforms (ie discord w/ ID laws) is on a collision course with the ease of vibe coding up your own. When that happens, these comissions are going to need to think long and hard around having a few large companies to watch over is better than millions of small micro-niche ones.
I wouldn't worry about that. You're ignoring politics, and what this actually is. If the EU had a real problem with addictive designs and social media the time to move against it was of course 10+ years ago. They do not intend, not even remotely, to sabotage the profit machines that those companies are, they just want political weapons against the companies. The intention here is not to cure addiction, destroy profits, the intention is to use economic power to achieve political ends. The EU is built on this, it just didn't use to involve that many private companies.
Like most famous EU laws, this is not a law for people. Like the Banking regulations, the DMA, the GPDR, the AI act, this law cannot be used by individuals to achieve their rights against companies and certainly not against EU states, who have repeatedly shown willingness to use AI against individuals, including face recognition (which gets a lot of negative attention and strict rules in the AI act, and EU member states get to ignore both directly, and they get to allow companies to ignore the rules), violate GPDR against their own citizens (e.g. use medical data in divorce cases, or even tax debt collection, and they let private companies ignore the rules for government purposes (e.g. hospitals can be forced report if you paid for treatment rather than pay alimony, rather than pay your back taxes)). The first application of the GPDR was to remove links about Barrosso's personal history from Google.
These laws can only be used by the EU commission against specific companies. Here's how the process works: someone "files a complaint", which is an email to the EU commission (not a complaint in the legal sense, no involvement of prosecutors, or judges, or any part of the justice system of any member state at all). Then an EU commissioner starts a negotiation process and rules on the case, usually imposing billions of euros in fines or providing publicly-backed loans (in the case of banks). The vast, vast, vast majority of these complaints are ignored or "settled in love" (French legal term: the idea is that some commission bureaucrat contacts the company and "arranges things", never involving any kind of enforcement mechanism). Then they become chairman of Goldman Sachs (oops, that just happened once, giving Goldman Sachs it's first communist chairman, yes really. In case you're wondering: Barrosso), or join Uber's and Salesforce's executive teams, paid through Panama paper companies.
In other words: these laws are not at all about addictive design, and saving you from it, they're about going after specific companies for political means. Google, Facebook, Goldman Sachs, ...
Ironically the EU is doing exactly what Trump did with tariffs. It's just that Trump is using a sawed-off shotgun where the EU commission is using a scalpel.
> If the EU had a real problem with addictive designs and social media the time to move against it was of course 10+ years ago.
Addictive designs and social media have changed a lot in the last 10 years, for one. But more importantly, there's no statute of limitation on making laws.
You are in all likelihood correct, it's the more realpolitik reading of it. One other more charitable interpretation would be that the EU was under the US's thumb so they never took action, but now that there is some more separation, they are willing to act against these design patterns. It's probably some combination of both elements, weighting each according to how cynical you are, and high cynicism is justified.
One of the best replies on hackernews in years. Hear. Hear.
The EU realized they can extort the US big tech. The EU will now just focus on laws and taxing (the war in Ukraine isn't their problem). And frankly, we should just ignore EU laws in the US.
> These laws can only be used by the EU commission against specific companies.
In the UK at least, the GDPR was incorporated into UK law (where it remains, essentially unmodified, even after Brexit). So it is certainly not necessary to get the EU commission involved to enforce the law. In the UK, the ICO is the relevant regulator. There are other national regulators that enforce the GDPR, such as the French CNIL.
I hope this goes through. Trillion dollar companies are waging a war on our attention, using everything at their disposal to make these apps addictive. It isn't a fair fight and the existence of infinite feeds is bad both for people and democracy. Regulating consumer products that cause harm to millions is nothing new.
This. If all it took was a $300k ad campaign on tiktok to get the population of a country(Romania in this case to be specific) to vote for a shady no-name candidate that came out of nowhere, instead of the well known candidates of the establishment, that should tell you the politics of your country betrayed its electorate so badly that they would rather commit national suicide instead of voting the establishment again to screw them over for the n-th time. Tiktok only exposed that, it didn't cause that.
I'm not saying social media isn't cancerous and shouldn't be regulated, because it is and it should, I'm saying that in this specific case it's a symptom of a much bigger existing disease and not the root cause of it.
That only worked though because Romania is using a voting method for President that is completely terrible for countries that have several viable political parties.
They use a two-round system to elect their President that works like this:
1. If a candidates gets more than 50% in the first round they are the winner, and there is no second round.
2. If there is no clear winner in the first round, the top two from the first round advance to the second round to determine the winner.
In that election there were 14 candidates. 6 from right-wing parties, 4 from left-wing parties, and 4 independents. The most anyone got in the first round was 22.94%, and the second most was 19.18%. Third was 19.15%. Fourth was 13.86%, then 8.79%.
With that many candidates, and with there being quite a lot of overlap in the positions of the candidates closer to the center, you can easily end up with the candidates that are more extreme finishing higher because they have fewer overlap on positions with the others, and so the voters that find those issues most important don't get split.
You can easily end up with two candidates in the runoff that a large majority disagree with on all major issues.
They really need to be using something like ranked choice.
>That only worked though because Romania is using a voting method for President that is completely terrible for countries that have several viable political parties. [...] They really need to be using something like ranked choice.
Firstly, there's many forms of elections, each with their own pros and cons, but I don't think the voting method is the core problem here.
Let's assume Norway would have the exact same system and parties like Romania. Do you think Norwegians would have been swayed by a an online ad campaign to vote a Russian puppet off tiktok to the last round?
What if the education level, standard of living of the population and being a high trust society, is actually what filters malicious candidates, and not some magic election method?
Secondly, what if that faulty election system, is a actually a feature and not a bug, inserted since the formation of modern Romania after the 1989 revolution, when the people from the (former) commies and securitatea(intelligence services and secret police) now still running the country but under different org names and flags, had to patch up a new constitution virtually overnight, so they made sure to create a new one where they themselves and their parties have an easier time gaming the system in their favor to always end up on top in the new democratic system, but now that backdoor is being exploited by foreign actors.
Not in this case. Romanian people hated their corrupt politicians since way before tiktok was invented. Tiktok only acted as release valve for that pent-up anger, but it's not the cause of it. The cause is 35+ years of rampant theft and corruption leading to misery and cases of death of innocent people.
So blaming of tiktok is a convenient scapegoat for Romania's corrupt establishment to legitimize themselves and deflect their unpopularity as if it's caused by Russian interference and not their own actions. NO, Russian interference just weaponized the massive unpopularity they already had.
So here's a wild idea on how to protect your democracy: how about instead of banning social media, politicians actually get off their kiddie fiddling islands, stop stealing everything not nailed to the ground and do right by their people, so that the voters don't feel compelled to pour gasoline on their country and light it on fire out of spite just to watch the establishment burn with it.
Because when people are educated, healthy, financially well off and taken care of by their government who acts in their best interest, then no amount of foreign social media propaganda can convince people to throw that all away on a dime. But if your people are their wits end and want to see you guillotined, then that negative capital can and will be exploited by foreign adversaries. Like how come you don't see Swiss or Norwegians trying to vote Russian puppets off TikTok to power and it's not because they have more control on social media than Romania.
This isn't a Romanian problem BTW, many western countries see similar political disenfranchisement today, and why you see western leaders rushing to ban or seize control of social media and free speech, instead of actually fixing their countries according to the pains of the voters.
Eh, its not like it is happening overnight. Its like a cancer that slowly spreads without much notice and then one day the democracy collapses and its too late to do anything about it.
> Trillion dollar companies are waging a war on our attention, using everything at their disposal to make these apps addictive.
Or you could just shut the phone off and/or not install the app. It's a simple solution, really, and one that is available at your disposal today at no cost.
It's a phone. Put it in the trash. You will not go through physiological withdrawal symptoms.
The amount of people in here right now clamoring for legislation to keep them away from electronics which they themselves purchased is mind-bogglingly insane.
A few years ago, I accidentally left my phone at home when I went to work, and when I arrived I found that because I no longer had my 2FA device, I couldn't do any work until I went home again and picked it up.
I'm fine without doomscrolling. I've gone from the minimum possible service with internet, to pure PAYG with no internet, and I'm fine with that. But society has moved on, and for a lot of people, phones are no longer an option.
And for a meaningful fraction of people, somehow, I don't get it either, TikTok is the news. Not metaphorically, it's actually where they get news from.
> A few years ago, I accidentally left my phone at home when I went to work, and when I arrived I found that because I no longer had my 2FA device, I couldn't do any work until I went home again and picked it up.
Sounds like a personal problem. There are many other 2FA authenticators available. Yubikey, TOTP tokens, smart cards, etc. Using a smartphone (which can lose power at any time) for critical authentication was a silly idea to begin with. I would refuse anything work-related on my personal phone.
> There are many other 2FA authenticators available.
Specified by job, so no choice in this matter.
> I would refuse anything work-related on my personal phone.
Quite reasonable as a general rule, though my then-employer only required the 2FA app and nothing else, and in this case it would've just meant "get an additional phone".
Laws are not created to be malleable about the population's trivial mental illnesses.
We don't need new laws on the books because some people are incapable of turning their phones off. They have addictive personalities and will fulfill this by other means, while everyone high-fives claiming success.
For many people, it is unrealistic to uninstall Facebook, Twitter, YouTube, TikTok, Reddit, Instagram, Bluesky, whatever the fuck else all at the same time.
I'm proud of you that you are as disconnected as you are. I'm the same -- ditched my addictive social media accounts back in like 2011 -- but not everyone is like us.
Oooooof. Can I recommend you spend some time developing some empathy?
The world is complicated. People's lives are complicated (and often meditated by their phones). People's emotional and social wellbeing is complicated, and simply ghosting all your social groups on a random Tuesday is likely to cause significant problems.
You could say that about literally every single type of addictive behavior present on the face of the planet. You could just stop smoking and/or not buying cigarettes. You could just stop drinking and/or stop buying alcohol. It's a completely pointless observation. There's a reason why these are addictions.
Endogenous drugs, exogenous drugs. Same effect on the brain, and in some cases the actual literal same substances. The difference is that endo-/exo- prefix, the former is made in your body, the latter is supplied from outside.
We have been learning how to induce certain experiences, which correspond to certain substances, for a long time; we're getting more competent at it; this includes social media A/B testing itself to be so sticky that a lot of people find it hard to put down; this is bad, so something* is being done about it.
* The risk being "something should be done; this is something, therefore it should be done"
This sounds like a type of insanity. Why would anyone care about something like this to the degree they feel like expressing the opinion publicly let alone in a political regulatory body is beyond me.
Maybe you're not the type of person who's struggled with addiction, but it can do awful things to you. Yes, including being addicted to scrolling social media. It screws with your head to the point where you don't know how to live in the moment anymore.
IMO it's a feature that's not valuable enough to justify the fact that it contributes to poor quality of life for people who can't put it down.
> Treating social media design as equal to something that can kill people in excess unnerves me.
As it should, because there's a really obvious "slippery slope" argument right there.
But… it can kill people.
There is a certain fraction of the population who, for whatever reason, can be manipulated, to the point of becoming killers or of causing injury to themselves. Social media… actually, worse than that, all A/B testing everywhere, can stumble upon this even when it isn't trying to (I would like to believe that OpenAI's experience with 4o-induced psychosis was unintentional).
When we know which tools can be used for manipulation, it's bad to keep allowing it to run unchecked. Unchecked, they are the tool of propagandists.
But… I see that slippery slope, I know that any government which successfully argues itself the power to regulate this, even for good, is one bad election away from a dictatorship that will abuse the same reasoning and powers to evil ends.
It looks to me like you're adding the conflation to "all addictions" because you can clearly distinguish between "sugar" and "cocaine" as both forms of addictions.
Why would you not be willing to include "scrolling" as another form of addiction? Just because it's labeled the same way you yourself are demonstrating that we handle that in different ways.
Social Media is being treated as "sugar" in this instance instead of as "cocaine".
(As I get older, unironically. I want my productive worker bees to be drug free, addiction free, enjoying simple pleasures that do not put me at risk. They pay Social Security. Everything is nice and safe. Freedom? Yeah no thanks, get to work and pay your taxes.)
I mean, lets do the opposite where a large corporation gets people intentionally addicted to drugs and then bilks them for every penny they have until they are husks. Remember, free market comes first!
Thank you from talking about the Holy Freedom, my brother. Looking forward to enjoying further freedoms thanks to laws that protect me from behavior that makes me unfree and in need to constantly control me and my surroundings!
‘Freedom does not consist in doing what we want, but in overcoming what we have for an open future; the existence of others defines my situation and is the condition of my freedom. They oppress me if they take me to prison, but they are not oppressing me if they prevent me from taking my neighbour to prison.’ -- Simone de Beauvoir
Social Media companies have actively and intentionally tried to make their products more addicting... now they have to face the very obvious consequences of that decision.
Why would someone care about a destructive addiction that's plaguing the lives of the majority of the planet, leading to mental health issues and proliferating massive levels of misinformation. I wonder. Freedom to be manipulated by algorithms, yay!
We have great freedoms in Europe. We just need to apply in advance with our detailed plan, in three copies and the Commission will decide whether to deny our application or to deny it and fine us for unhealthy thoughts, too.
Sarcasm now, but maybe what the near future will look like...
More to the point: this is indeed a massive overreach with the Commission being the police, judge, jury, and executioner... what could go wrong? Exactly what we are seeing is taking shape, precedent by precedent.
Having worked at multiple companies and talked to multiple legal teams about this, they tend to be very conservative. So the guidance I've gotten is that if we store any information at all on the person's computer, even to know whether they've visited the site before, we still need a cookie banner.
Basically, the law created enough fear among the lawyers that software developers are being advised to include the cookie banner in cases where it isn't strictly needed.
Agreed! Many sites don't actually comply with the GDPR because they don't provide simple tools to control the cookies and instead force you through a flow. Part of my gripe with the law is the way those violations are not being systematically cited.
> even to know whether they've visited the site before
So uh, don't do that.
You don't need to notify if you use cookies for required functionality like login sessions or remembering a functional setting.
If you're tracking whether they're returning or not your activity is exactly the kind of behaviour the rule is covering because, in legal terms, it's skeezy as fuck.
"Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user."
Right, and then the legal teams tell me they don't care, and we should put up the cookie banner anyway. I feel like you didn't read my original comment.
> You don't need to notify if you use cookies for required functionality like login sessions or remembering a functional setting
Nobody wants to be the EU test case on precisely how "required functionality" is defined. Regardless of what the plaintext of the law says, it should be self-evident that companies will be more conservative than that, especially when the cost is as low as adding one cooke banner and tracking one preference.
Laws should be evaluated on the effect they actually have on society, rather than the effect that we wish they had on society. I am very critical of laws that fail this test, and I think they should be updated to improve their performance. We want the right outcome, not the right rules.
if you don't track users you don't need GDPR consent dialogs
I think in the past you still needed some info box in the corner with a link to the data policy. But I think that isn't needed anymore (to be clear not a consent dialog, a informational only thing). Also you can without additional consent store a same site/domain cookie remembering you dismissing or clicking on it and not showing it again (btw. same for opting out of being tracked).
But there are some old pre-GDPR laws in some countries (not EU wide AFIK) which do require actual cookie banners (in difference to GDPR consent dialogs or informational things). EU want them removed, but politic moves slow AF so not sure what the sate of this is.
So yes without checking if all the older misguided laws have been dismissed, you probably should have a small banner at the bottom telling people "we don't track you but for ... reasons .. [link] [ok]" even if you don't track people :(. But also if they haven't gotten dismissed they should be dismissed very soon.
Still such a banner is non obnoxious, little annoying (on PC, Tablet, a bit more annoying on Phone). And isn't that harass people to allow you to spy on them nonsense we have everywhere.
The regulatory body could clarify that a DO NOT TRACK header should be interpreted as a "functional/necessary cookies only" request, so sites may not interrupt visitors with a popup modal/banner if it's set.
Having the EU decide on a technical implementation is more of a last ditch effort, like what happened with more than a decade of the EU telling the industry to get its shit together and unify under a common charging port.
1. GDPR consent dialogs are not cookie popups, most things you see are GDPR consent dialogs
2. GDPR consent dialogs are only required if you share data, i.e. spy on the user
3. GDPR had from the get to go a bunch of exceptions, e.g. you don't need permission to store a same site cookie indicating that you opted out of tracking _iff_ you don't use it for tracking. Same for a lot of other things where the data is needed for operation as long as the data is only used with that thing and not given away. (E.g. DDOS protection, bot detection, etc.)
4. You still had to inform the user but this doesn't need any user interacting, accepting anything nor does it need to be a popup blocking the view. A small information in the corner of the screen with a link to the data policy is good enough. But only if all what you do falls under 3. or non personal information. Furthermore I think they recently have updated it to not even require that, just having a privacy policy in a well know place is good enough but I have to double check. (And to be clear this is for data you don't need permission to collect, but like any data you collect it's strictly use case bound and you still have to list how its used, how long stored etc. even if you don't need permissions). Also to be clear if you accept the base premise of GDPR it's pretty intuitive to judge if it's an exception or not.
5. in some countries, there are highly misguided "cookie popup" laws predating GDPR (they are actually about cookies, not data collection in general). This are national laws and such the EU would prefer to have removed. Work on it is in process but takes way to long. I'm also not fully sure about the sate of that. So in that context, yes they should and want to kill "cookie popups". That just doesn't mean what most people think it does (as it has nothing to do with GDPR).
But that would require directing the anger at specific companies (and their 2137 ad partners) rather than at an easy target of the banana-regulating evil authority.
Sadly whenever this kind of discussion pops up it's usually a very unpopular take.
Facinating that they landed on infinite scrolling as the problem to spend time and energy on instead of all the other things happening online that have an impact on society.
Genuinely curious about the actual data on this.
Does anyone have a link to a reputable, sizable study?
I mean, clearly the companies at the top can't be trusted to do what's in the best interests of the users. So at some point someone has to do something. If this is the correct something that remains to be seen.
Does this only apply to companies the commission doesn't like or will it apply to the hn app I use, my email clients, shopping sites, etc? Because it seems like the actual concern how good the algorithms are and not the UI.
This is a finding of a violation of the DSA, which only applies to services (not local reader apps), and only if they have a lot of users.
Like, a significant fraction of the country level of usage. You don't need to worry about the EU coming and taking away your HN client APK. You do need to be worried about Google doing that, though.
I admire the EU's attempts at things like the cookie law, age verification, and tackling the addictiveness of infinite scrolling, but the implementation is pure theater.
Trackers have much more effective techniques than "cookies", kids trivially bypass verification, and designers will make a joke of tell me you have infinite scrolling without telling me you have infinite scrolling. When you are facing trillions of dollars of competition to your law, what do you think is going to happen?
Maybe if there was an independent commission that had the authority to rapidly investigate and punish (i.e. within weeks) big tech for attempting engagement engineering practices it might actually have some effect. But trying to mandate end user interfaces is wasting everyone's time putting lipstick on a pig.
Dunno about using legislative moves, but yes please. The stupidest solution to a problem no one had. Moving layouts, unreachable footers, no or unsatisfactory indication of one's position.
All just to remove navigation clicks no one minded and reduce server loads, in exchange for users suffering laggy lazy loading (or, what a hate-inducing pattern!) inability to preload, print, search or link.
Infinite scrolling combined with the algorithmic feed is the real nasty.
Feeds should be heavily regulated, effectively they are a (personalized!) broadcast, and maybe the same strictures should apply. Definitely they should be transparent (e.g. chronological from subscribed topics), and things like veering more extreme in order to drive engagement should be outlawed.
What exactly is dystopian about protecting developing minds of children and teens from detrimental effects and social media addiction caused by companies like Meta and Bytedance. These companies profit immensely from being quasi unregulated.
This isn’t about addiction, it’s about censorship. If you limit the amount of time someone can spend getting information, and make it inconvenient with UI changes, it’s much harder to have embarrassing information spread to the masses.
Amazingly, the public will generally nod along anyway when they read governmental press releases and say “yes, yes, it’s for my safety.”
Scrolling through an infinity of AI slop videos can't really be classified as "getting information". If you want to read the news and stay up to date with the "embarrassing information" there's plenty of news websites out there.
I have a proud European coworker trying to get their H1B...
They talk about how great Europe is, how they like their 1-2 hour coffee/smoke breaks... These kind of moves give me that same vibe.
But why are so many Europeans trying to move to the US? Why isn't the opposite happening?
My hypothesis is that these kind of popular policies are short sighted. They are super popular, they use intuition and feeling. But maybe there is something missing. The unadulterated freedom has led people to enjoy these platforms. Obviously it affects the economy. So much so, even the US military has moved from Europe to Asia.
I don't typically like fiction, but it seems "I, Robot" was spot on about Europe. (Maybe mistaking new Africa for Asia)
Well, your freeeeedooooms include having to pay taxes when living outside of the US. I'd say that's a pretty big factor in deciding if it's worth it to leave the country.
Why are so many Americans trying to move to the EU? Turns out people have different wants and needs in life, and so they move to where they like best. I for one would never set foot in USA in fear of being shot, kidnapped by ICE (or shot by ICE), fear of being bankrupt by the healthcare options there if something happens to me, fear of the poison you call food, and the absolutely ignorant populace that seems to roam the streets there. I swear half the times I can't even tell if USA is a real place or some really bizarre reality TV show.
> But why are so many Europeans trying to move to the US? Why isn't the opposite happening?
Citation needed.
I took some minutes to try and find statistics, and also ChatGPT claims that the EU simply doesn't collect or publish that kind of data, so I'm wondering how you think you know.
Same here, to the point I would even avoid layovers in the US and take a more expensive flight instead.
I don't want to deal with some power tripping immigration officer insisting to search my phone and social media to send me to some camp because I wrote critical comments about the current administration.
It's important to note they aren't creating laws against infinite scrolling, but are ruling against addictive design and pointing to infinite scrolling as an example of it. The wording here is fascinating, mainly because they're effectively acting as arbiters of "vibes". They point to certain features they'd like them to change, but there is no specific ruling around what you can/can't do.
My initial reaction was that this was a terrible precedent, but after thinking on it more I asked myself, "well what specific laws would I write to combat addictive design?". Everything I thought of would have some way or workaround that could be found, and equally would have terrible consequences on situations where this is actually quite valuable. IE if you disallow infinite scrolling, what page sizes are allowed? Can I just have a page of 10,000 elements that lazy load?
Regardless of your take around whether this is EU overreach, I'm glad they're not implementing strict laws around what you can/can't do - there are valuable situations for these UI patterns, even if in combination they can create addictive experiences. Still, I do think that overregulation here will lead to services being fractured. I was writing about this earlier this morning (https://news.ycombinator.com/item?id=47005367), but the regulated friction of major platforms (ie discord w/ ID laws) is on a collision course with the ease of vibe coding up your own. When that happens, these comissions are going to need to think long and hard around having a few large companies to watch over is better than millions of small micro-niche ones.
Like most famous EU laws, this is not a law for people. Like the Banking regulations, the DMA, the GPDR, the AI act, this law cannot be used by individuals to achieve their rights against companies and certainly not against EU states, who have repeatedly shown willingness to use AI against individuals, including face recognition (which gets a lot of negative attention and strict rules in the AI act, and EU member states get to ignore both directly, and they get to allow companies to ignore the rules), violate GPDR against their own citizens (e.g. use medical data in divorce cases, or even tax debt collection, and they let private companies ignore the rules for government purposes (e.g. hospitals can be forced report if you paid for treatment rather than pay alimony, rather than pay your back taxes)). The first application of the GPDR was to remove links about Barrosso's personal history from Google.
These laws can only be used by the EU commission against specific companies. Here's how the process works: someone "files a complaint", which is an email to the EU commission (not a complaint in the legal sense, no involvement of prosecutors, or judges, or any part of the justice system of any member state at all). Then an EU commissioner starts a negotiation process and rules on the case, usually imposing billions of euros in fines or providing publicly-backed loans (in the case of banks). The vast, vast, vast majority of these complaints are ignored or "settled in love" (French legal term: the idea is that some commission bureaucrat contacts the company and "arranges things", never involving any kind of enforcement mechanism). Then they become chairman of Goldman Sachs (oops, that just happened once, giving Goldman Sachs it's first communist chairman, yes really. In case you're wondering: Barrosso), or join Uber's and Salesforce's executive teams, paid through Panama paper companies.
In other words: these laws are not at all about addictive design, and saving you from it, they're about going after specific companies for political means. Google, Facebook, Goldman Sachs, ...
Ironically the EU is doing exactly what Trump did with tariffs. It's just that Trump is using a sawed-off shotgun where the EU commission is using a scalpel.
Addictive designs and social media have changed a lot in the last 10 years, for one. But more importantly, there's no statute of limitation on making laws.
The EU realized they can extort the US big tech. The EU will now just focus on laws and taxing (the war in Ukraine isn't their problem). And frankly, we should just ignore EU laws in the US.
Of course the GDPR gives individuals rights, counter example:
> The first application of the GPDR was to remove links about Barrosso's personal history from Google.
In the UK at least, the GDPR was incorporated into UK law (where it remains, essentially unmodified, even after Brexit). So it is certainly not necessary to get the EU commission involved to enforce the law. In the UK, the ICO is the relevant regulator. There are other national regulators that enforce the GDPR, such as the French CNIL.
The amount of paid shills opposing this is a good indicator that it's the right move.
I'm not saying social media isn't cancerous and shouldn't be regulated, because it is and it should, I'm saying that in this specific case it's a symptom of a much bigger existing disease and not the root cause of it.
They use a two-round system to elect their President that works like this:
1. If a candidates gets more than 50% in the first round they are the winner, and there is no second round.
2. If there is no clear winner in the first round, the top two from the first round advance to the second round to determine the winner.
In that election there were 14 candidates. 6 from right-wing parties, 4 from left-wing parties, and 4 independents. The most anyone got in the first round was 22.94%, and the second most was 19.18%. Third was 19.15%. Fourth was 13.86%, then 8.79%.
With that many candidates, and with there being quite a lot of overlap in the positions of the candidates closer to the center, you can easily end up with the candidates that are more extreme finishing higher because they have fewer overlap on positions with the others, and so the voters that find those issues most important don't get split.
You can easily end up with two candidates in the runoff that a large majority disagree with on all major issues.
They really need to be using something like ranked choice.
Firstly, there's many forms of elections, each with their own pros and cons, but I don't think the voting method is the core problem here.
Let's assume Norway would have the exact same system and parties like Romania. Do you think Norwegians would have been swayed by a an online ad campaign to vote a Russian puppet off tiktok to the last round?
What if the education level, standard of living of the population and being a high trust society, is actually what filters malicious candidates, and not some magic election method?
Secondly, what if that faulty election system, is a actually a feature and not a bug, inserted since the formation of modern Romania after the 1989 revolution, when the people from the (former) commies and securitatea(intelligence services and secret police) now still running the country but under different org names and flags, had to patch up a new constitution virtually overnight, so they made sure to create a new one where they themselves and their parties have an easier time gaming the system in their favor to always end up on top in the new democratic system, but now that backdoor is being exploited by foreign actors.
Actually both can be true.
So blaming of tiktok is a convenient scapegoat for Romania's corrupt establishment to legitimize themselves and deflect their unpopularity as if it's caused by Russian interference and not their own actions. NO, Russian interference just weaponized the massive unpopularity they already had.
So here's a wild idea on how to protect your democracy: how about instead of banning social media, politicians actually get off their kiddie fiddling islands, stop stealing everything not nailed to the ground and do right by their people, so that the voters don't feel compelled to pour gasoline on their country and light it on fire out of spite just to watch the establishment burn with it.
Because when people are educated, healthy, financially well off and taken care of by their government who acts in their best interest, then no amount of foreign social media propaganda can convince people to throw that all away on a dime. But if your people are their wits end and want to see you guillotined, then that negative capital can and will be exploited by foreign adversaries. Like how come you don't see Swiss or Norwegians trying to vote Russian puppets off TikTok to power and it's not because they have more control on social media than Romania.
This isn't a Romanian problem BTW, many western countries see similar political disenfranchisement today, and why you see western leaders rushing to ban or seize control of social media and free speech, instead of actually fixing their countries according to the pains of the voters.
I wonder if we'll get speakeasies where people can get endogenous dopamine kicks from experiencing dark patterns?
Or you could just shut the phone off and/or not install the app. It's a simple solution, really, and one that is available at your disposal today at no cost.
We know plenty of things are quite bad for us, and yet we find them difficult to stop. Somewhat famously difficult to stop.
I think telling people, "just don't..." trivializes how difficult that is.
The amount of people in here right now clamoring for legislation to keep them away from electronics which they themselves purchased is mind-bogglingly insane.
Dude, it's 2025.
A few years ago, I accidentally left my phone at home when I went to work, and when I arrived I found that because I no longer had my 2FA device, I couldn't do any work until I went home again and picked it up.
I'm fine without doomscrolling. I've gone from the minimum possible service with internet, to pure PAYG with no internet, and I'm fine with that. But society has moved on, and for a lot of people, phones are no longer an option.
And for a meaningful fraction of people, somehow, I don't get it either, TikTok is the news. Not metaphorically, it's actually where they get news from.
Actually, it's 2026 and has been for six weeks.
> A few years ago, I accidentally left my phone at home when I went to work, and when I arrived I found that because I no longer had my 2FA device, I couldn't do any work until I went home again and picked it up.
Sounds like a personal problem. There are many other 2FA authenticators available. Yubikey, TOTP tokens, smart cards, etc. Using a smartphone (which can lose power at any time) for critical authentication was a silly idea to begin with. I would refuse anything work-related on my personal phone.
D'oh. But fair.
> There are many other 2FA authenticators available.
Specified by job, so no choice in this matter.
> I would refuse anything work-related on my personal phone.
Quite reasonable as a general rule, though my then-employer only required the 2FA app and nothing else, and in this case it would've just meant "get an additional phone".
Laws are not created to be malleable about the population's trivial mental illnesses.
We don't need new laws on the books because some people are incapable of turning their phones off. They have addictive personalities and will fulfill this by other means, while everyone high-fives claiming success.
I'm proud of you that you are as disconnected as you are. I'm the same -- ditched my addictive social media accounts back in like 2011 -- but not everyone is like us.
The world is complicated. People's lives are complicated (and often meditated by their phones). People's emotional and social wellbeing is complicated, and simply ghosting all your social groups on a random Tuesday is likely to cause significant problems.
Are you suggesting we should require prescriptions to purchase them?
We have been learning how to induce certain experiences, which correspond to certain substances, for a long time; we're getting more competent at it; this includes social media A/B testing itself to be so sticky that a lot of people find it hard to put down; this is bad, so something* is being done about it.
* The risk being "something should be done; this is something, therefore it should be done"
Whatever happened to freedom?
IMO it's a feature that's not valuable enough to justify the fact that it contributes to poor quality of life for people who can't put it down.
Because it is a dangerous addiction [1] with recognised adverse effects on human health. Like sugar, tobacco, or drugs.
[1] https://news.ycombinator.com/item?id=46959832
You reduce sugar intake, not eliminate it.
You eliminate cocaine intake, not just reduce it.
Treating social media design as equal to something that can kill people in excess unnerves me.
As it should, because there's a really obvious "slippery slope" argument right there.
But… it can kill people.
There is a certain fraction of the population who, for whatever reason, can be manipulated, to the point of becoming killers or of causing injury to themselves. Social media… actually, worse than that, all A/B testing everywhere, can stumble upon this even when it isn't trying to (I would like to believe that OpenAI's experience with 4o-induced psychosis was unintentional).
When we know which tools can be used for manipulation, it's bad to keep allowing it to run unchecked. Unchecked, they are the tool of propagandists.
But… I see that slippery slope, I know that any government which successfully argues itself the power to regulate this, even for good, is one bad election away from a dictatorship that will abuse the same reasoning and powers to evil ends.
Why would you not be willing to include "scrolling" as another form of addiction? Just because it's labeled the same way you yourself are demonstrating that we handle that in different ways.
Social Media is being treated as "sugar" in this instance instead of as "cocaine".
(As I get older, unironically. I want my productive worker bees to be drug free, addiction free, enjoying simple pleasures that do not put me at risk. They pay Social Security. Everything is nice and safe. Freedom? Yeah no thanks, get to work and pay your taxes.)
You think that attacking these horrible companies is bad for our freedoms, we think our freedoms are fine with it.
Freedom from, or freedom to?
Why would anyone publicly express any negative opinion about the effects of doomscrolling? I don't think I'm uncharitably paraphrasing, right?
Sarcasm now, but maybe what the near future will look like...
More to the point: this is indeed a massive overreach with the Commission being the police, judge, jury, and executioner... what could go wrong? Exactly what we are seeing is taking shape, precedent by precedent.
Turns out it was a big lie you've told yourself so you can let the rich and powerful get away with atrocities.
Hey, we all have free speech, it's just that I can buy a whole lot more of it than you can.
Disclaimer: I anal and this is not legal advice.
Basically, the law created enough fear among the lawyers that software developers are being advised to include the cookie banner in cases where it isn't strictly needed.
So uh, don't do that.
You don't need to notify if you use cookies for required functionality like login sessions or remembering a functional setting.
If you're tracking whether they're returning or not your activity is exactly the kind of behaviour the rule is covering because, in legal terms, it's skeezy as fuck.
https://gdpr.eu/cookies/
Nobody wants to be the EU test case on precisely how "required functionality" is defined. Regardless of what the plaintext of the law says, it should be self-evident that companies will be more conservative than that, especially when the cost is as low as adding one cooke banner and tracking one preference.
I think in the past you still needed some info box in the corner with a link to the data policy. But I think that isn't needed anymore (to be clear not a consent dialog, a informational only thing). Also you can without additional consent store a same site/domain cookie remembering you dismissing or clicking on it and not showing it again (btw. same for opting out of being tracked).
But there are some old pre-GDPR laws in some countries (not EU wide AFIK) which do require actual cookie banners (in difference to GDPR consent dialogs or informational things). EU want them removed, but politic moves slow AF so not sure what the sate of this is.
So yes without checking if all the older misguided laws have been dismissed, you probably should have a small banner at the bottom telling people "we don't track you but for ... reasons .. [link] [ok]" even if you don't track people :(. But also if they haven't gotten dismissed they should be dismissed very soon.
Still such a banner is non obnoxious, little annoying (on PC, Tablet, a bit more annoying on Phone). And isn't that harass people to allow you to spy on them nonsense we have everywhere.
Having the EU decide on a technical implementation is more of a last ditch effort, like what happened with more than a decade of the EU telling the industry to get its shit together and unify under a common charging port.
1. GDPR consent dialogs are not cookie popups, most things you see are GDPR consent dialogs
2. GDPR consent dialogs are only required if you share data, i.e. spy on the user
3. GDPR had from the get to go a bunch of exceptions, e.g. you don't need permission to store a same site cookie indicating that you opted out of tracking _iff_ you don't use it for tracking. Same for a lot of other things where the data is needed for operation as long as the data is only used with that thing and not given away. (E.g. DDOS protection, bot detection, etc.)
4. You still had to inform the user but this doesn't need any user interacting, accepting anything nor does it need to be a popup blocking the view. A small information in the corner of the screen with a link to the data policy is good enough. But only if all what you do falls under 3. or non personal information. Furthermore I think they recently have updated it to not even require that, just having a privacy policy in a well know place is good enough but I have to double check. (And to be clear this is for data you don't need permission to collect, but like any data you collect it's strictly use case bound and you still have to list how its used, how long stored etc. even if you don't need permissions). Also to be clear if you accept the base premise of GDPR it's pretty intuitive to judge if it's an exception or not.
5. in some countries, there are highly misguided "cookie popup" laws predating GDPR (they are actually about cookies, not data collection in general). This are national laws and such the EU would prefer to have removed. Work on it is in process but takes way to long. I'm also not fully sure about the sate of that. So in that context, yes they should and want to kill "cookie popups". That just doesn't mean what most people think it does (as it has nothing to do with GDPR).
Sadly whenever this kind of discussion pops up it's usually a very unpopular take.
Genuinely curious about the actual data on this.
Does anyone have a link to a reputable, sizable study?
I'm curious how they plan to pretend to enforce this. Will you need a loisence to implement infinite scroll?
Like, a significant fraction of the country level of usage. You don't need to worry about the EU coming and taking away your HN client APK. You do need to be worried about Google doing that, though.
Trackers have much more effective techniques than "cookies", kids trivially bypass verification, and designers will make a joke of tell me you have infinite scrolling without telling me you have infinite scrolling. When you are facing trillions of dollars of competition to your law, what do you think is going to happen?
Maybe if there was an independent commission that had the authority to rapidly investigate and punish (i.e. within weeks) big tech for attempting engagement engineering practices it might actually have some effect. But trying to mandate end user interfaces is wasting everyone's time putting lipstick on a pig.
All just to remove navigation clicks no one minded and reduce server loads, in exchange for users suffering laggy lazy loading (or, what a hate-inducing pattern!) inability to preload, print, search or link.
Feeds should be heavily regulated, effectively they are a (personalized!) broadcast, and maybe the same strictures should apply. Definitely they should be transparent (e.g. chronological from subscribed topics), and things like veering more extreme in order to drive engagement should be outlawed.
You can buy as much freedom as you want there.
hopefully AI will wake them up and save us from all this nonsense
This isn’t about addiction, it’s about censorship. If you limit the amount of time someone can spend getting information, and make it inconvenient with UI changes, it’s much harder to have embarrassing information spread to the masses.
Amazingly, the public will generally nod along anyway when they read governmental press releases and say “yes, yes, it’s for my safety.”
They talk about how great Europe is, how they like their 1-2 hour coffee/smoke breaks... These kind of moves give me that same vibe.
But why are so many Europeans trying to move to the US? Why isn't the opposite happening?
My hypothesis is that these kind of popular policies are short sighted. They are super popular, they use intuition and feeling. But maybe there is something missing. The unadulterated freedom has led people to enjoy these platforms. Obviously it affects the economy. So much so, even the US military has moved from Europe to Asia.
I don't typically like fiction, but it seems "I, Robot" was spot on about Europe. (Maybe mistaking new Africa for Asia)
Citation needed.
I took some minutes to try and find statistics, and also ChatGPT claims that the EU simply doesn't collect or publish that kind of data, so I'm wondering how you think you know.
All I see in my circle is people refusing to even go on vacation in the US, let alone move there.