How to enable Brave's upcoming cookie consent blocking feature right now
Brave plans to give users of the web browser an option to enable a cookie consent blocking feature in version 1.45. Scheduled for an October release, Brave users will see a prompt on start that gives them the option to enable the feature.
Cookie consent banners, for those unaware, are displayed by the majority of sites on first visit. Some display these banners only to visitors from the European Union, others may display them for all visitors.
The main idea was to give users more control over cookies and tracking on the Internet. While users do get more control, many are also highly annoyed by the sheer number of cookie consent banners that they are exposed to on a regular day on the Internet.
Extensions and filter lists were created to deal with these banners. Extensions like Never Consent or Cookie Block automate the process for the most part. Filter lists, for use in content blockers and browsers that support these, are another option. It is this option that Brave selected to block cookie consent prompts for users.
Brave users need to enable the feature. In Brave 1.45, this can be done via the prompt that the browser's protective Shields feature displays on startup. Since all that happens is the enabling of the filter list, Brave 1.44 and earlier support the option as well.
Here is how you enable the cookie consent blocking feature right now in Brave:
- Load brave://settings/shields/filters to display the available content blocking filters that Brave supports.
- Type cookie in the search box at the top of the page to display only filter lists with cookie in the name.
- Check the Easylist-Cookie List - Filter Obtrusive Cookie Notices to enable the feature. It is downloaded at this stage and may take a minute to activate fully in the browser.
Once done, you should notice a reduction of cookie prompts that you get while browsing the Internet in the Brave browser. Brave will either block or hide the prompts, depending on different implementations of the prompts.
Note that some cookie prompts may still be displayed, but the majority of prompts should be gone.
Users of other browsers may also enable the same level of blocking, if they use content blockers that support custom filter lists. All it takes is to import this list into the content blocker then.
Now You: how do you handle cookie prompts?
Doesn’t work. I’m in the EU and cookie boxes still pop up on at least 50 percent of the sites.
Dumping Brave because of this and going back to Opera, where I can at least install the I don’t care about cookies extension.
“Cookie consent” is unnecessary when third party cooking is already blocked, right?
The integrated block lists also block most tracking cookies AFAIK, whether on Brave, or something like ublock origin.
@NA
Brave doesn’t block 3p cookies because of Ephemeral Storage, they are stored in a temporal storage until you close the website, so technically if you reject the cookies you will not get anything in the ephemeral storage, but they can track you in so many ways if they want to, they don’t need your cookies.
> Brave plans to give users of the web browser an option to enable a cookie consent blocking feature
For the record (because it was not mentioned on ghacks at all): Firefox will also get a cookie consent blocking feature…
imagine…. why should people care what Firefox is doing in a Brave Browser post? Fanboys are desperate for attention wow.
And what you don’t understand is Brave has built a real adblocker to do these kind of things and more, unlike Firefox and others than have garbage and you need uBlock and others to have something good..
“Users of other browsers may also enable the same level of blocking, if they use content blockers that support custom filter lists. All it takes is to import this list into the content blocker then.”
In uBlock Origin that list is already imported but not enabled by default, it’s “Easylist Cookie”, so it doesn’t really need to be imported strictly speaking.
Note that it’s included in another imported list that is also not enabled by default, “Fanboy’s Annoyance”, so no need to enable both if that last one has already been enabled. It would really be worth it to add in the uBo interface comments like “also includes Easylist Cookie and Fanboy’s Social” in front of lists like Fanboy’s Annoyance to avoid redundancy. Someone should open a github issue about that. I have never noticed a performance hit by adding lots of filter lists on desktop but I suspect that it’s no longer true on mobile, and if those extra lists are purely redundant it’s surely not even going to be compensated by more nefarious web content not being loaded.
This will likely not make much difference for me personally, as I already use the Fanboy’s Annoyance list (which contains EasyList Cookie).
However, Brave is on fire lately and continuously moving in the right direction. The way many websites have decided to implement their cookie privacy warnings just plain sucks and are deliberately user hostile. This move by Brave will definitely aid discoverability for those who don’t explore additional filter lists and will therefore reduce the number of obnoxious cookie warnings people have to endure.
Question. If you use these lists or extesions, do the sites interpret this as a accepting all cookies, or as rejecting all but “necessary” cookies?
If it’s the former, then these lists aren’t good for privacy. If the latter, that should be the default for all cookies, right? I do use these lists, well, the “I don’t care” list, but I get lots of cookies to clear out.
@Coriy
You have to understand that that BS of cookie banners brought to us thanks to the lame criminal European Union, it is just a bunch of BS lie, it is not good for privacy to accept or reject the useless cookie crap banners, do you think they don’t track to see how many users clicked accept or reject? they do, you are in their page and they will make sure to know everything about you if they want to, doesn’t matter the extensions you use.
That’s why when Brave started they only blocked 3p, because 3p is the big problem, websites sharing your data with others, but if you go to a website that asks you if you want cookies or not, they can still track you in so many ways, it doesn’t even matter. Most of the cookie problem are 3p anyway, which Brave has Ephemeral Storage to kind of let you use them but then throw them away as soon as you close the website.
You literally have to click accept or reject because of lame fantasy marketing scheme of ‘privacy’, it is a waste of time and now you need extensions and these type of cosmetics (hiding html elements) to stop being annoyed with all this fantasy BS of “oh they let me choose to reject or accept cookies if I want to”, yet, they will track you with our without cookies, it’s not like they are not other types of storage, it’s not like they are adding themselves to the “don’t allow cookies from” list of your browser.
@Coriy
The reply of @Simon has already covered what happens when the cookie banner is blocked. The reply is accurate and covers your first question. I want to address your second question though:
> If it’s the former, then these lists aren’t good for privacy. If the latter, that should be the default for all cookies, right? I do use these lists, well, the “I don’t care” list, but I get lots of cookies to clear out.
OK, so let’s assume that the website does not give a shit about my privacy and assumes that me not seeing the cookie banner / not clicking it means that I consent to all of their cookies, what happens then? I have of course thought of that scenario for myself and this is how I handle it in Brave:
1) In Brave Shields – brave://settings/shields – I have set Brave to block all cross-site cookies, meaning all 3rd party cookies will be refused. This already forces the website to only set 1st party cookies.
2) Brave has a feature called ephemeral storage enabled by default, this is the partitioning of local data including cookies. This further limits cross-site tracking possibilities using cookies.
3) I have set my browser to clear cookies and cache on shutdown under brave://settings/clearBrowserData
4) Furthermore, I use the Cookie AutoDelete extension from the Chrome Web Store: https://chrome.google.com/webstore/detail/cookie-autodelete/fhcgjolkccmbidfldomjliifgaodjagh?hl=de This deletes cookies when I close a tab or when I leave the website for a different website within the same tab.
5) I am using the “EasyList – Cookie List” as well as the “I don’t care about cookies” list – see my other comment above.
I am also using the following custom filter for YouTube’s annoying cookie banner:
! YT consent
youtube.com##+js(set, ytInitialData.topbar.desktopTopbarRenderer.interstitial.consentBumpRenderer.forceConsent, false)
youtube.com##+js(json-prune, [].response.topbar.desktopTopbarRenderer.interstitial.consentBumpRenderer)
youtube.com##+js(json-prune, topbar.desktopTopbarRenderer.interstitial.consentBumpRenderer)
youtube.com##+js(set, ytInitialData.onResponseReceivedEndpoints, undefined)
! YT consent v2
youtube.com##+js(set, ytInitialData.topbar.desktopTopbarRenderer.interstitial.consentBumpV2Renderer, undefined)
youtube.com##+js(json-prune, [].response.overlay.consentBumpV2Renderer topbar.desktopTopbarRenderer.interstitial.consentBumpV2Renderer overlay.consentBumpV2Renderer response.overlay.consentBumpV2Renderer)
As you can see above, tracking me via cookies is not possible. The 1st party cookies that can be set for me have limited usefulness due to Brave’s local data partitioning and Cookie AutoDelete. Even a user-hostile website willing to set all cookies possible has no chance against my setup.
@Iron Heart
>3) I have set my browser to clear cookies and cache on shutdown under brave://settings/clearBrowserData
There are a few sites I want to allow Cookies on. I have set these up in Cookie Auto Delete, not to delete their cookies, but delete all the rest. Is there anyway to set Brave to not delete these cookies, too?
@Anonymous
> There are a few sites I want to allow Cookies on. I have set these up in Cookie Auto Delete, not to delete their cookies, but delete all the rest. Is there anyway to set Brave to not delete these cookies, too?
Yes, there is a way to do this:
1) Disable the “Cookies and other site data” setting under brave://settings/clearBrowserData – you can leave the “Cached images and files” setting enabled as it is unrelated to cookies.
2) Then go to brave://settings/cookies and enable “Clear cookies and site data when you quit Brave”.
3) Also under brave://settings/cookies, there is an “Allow” section, i.e. websites that can always use cookies. Here you can add all websites whose cookies are allowed to persist between browser restarts.
Cheers.
@Coriy
The EU ePrivacy Directive (or “cookie law”) in combination with GDPR requires user consent for non-essential cookies (as cookie identifiers are considered personal data).
Therefore, if the cookie notice is ignored, then the website *should* treat that the same as the user not accepting non-essential cookies – as the user has not given explicit consent.
The Brave blog post linked to in the article says that they block the cookie notices outright (they do not accept cookies). Therefore, the user is not giving consent to the website to use non-essential cookies and so only essential (non-tracking) cookies should be set by the website.
https://brave.com/privacy-updates/21-blocking-cookie-notices/
Whether the websites do this correctly is another matter, but they risk being fined if they don’t (assuming the user doesn’t live in a backwards uncivilised country that doesn’t have decent privacy laws).
Using filter lists is somewhat crude and can sometimes cause issues, but I’m not sure what else can be done at the moment to get rid of the deliberately obnoxious and intrusive banners that websites implement.
If there was an agreed upon standard backed by law, then people wouldn’t have to be implementing crude measures to fend off unscrupulous data vampires. Therefore personally, in the future I would like to see a general “Do Not Track” type operating system level setting (which will cover apps and non-computing devices like TVs as well) that users can set once and websites/apps have to honour by law (maybe something for the future ePrivacy Regulation).
Or even better, outlaw personalized advertising outright, so advertisers will need to use contextual advertising instead of this ridiculous race to the bottom. If a company wants to advertise their latest server, advertisers will then need to place ads in places where IT professionals hang out (like this website for example). Tracking and profiling people should never be legal.
@Simon,
Thank you, I understand thing a bit better now, and I agree that “personalized” advertising might best be outlawed.
Brave’s built-in adblocker has a option to disable cookies. I use that. No need to use extensions wwhich will be crippled, rendered useless, and will die with the only support being on a dead browser.
Having a built-in option dedicated to cookies is a brilliant addition. The less extensions, the better.
World class built-in ad blocking support, and now, world class built-in cookie blocking support from the BEST privacy focused browser on the market, Brave, aka, Firefox 2.0 (the real Firefox).
@FounderOfMozillaBrendanEich
>Brave, aka, Firefox 2.0
Firefox? Don’t you mean Palemoon 2.0?
I really like automatic cookie consent by the addon – Super Agent – because it automatically fills out the website’s cookie consent forms for me based on the specific preferences i like. Super Agent saves me a lot of clicks and lets me take control of my privacy in a very easy way. https://addons.mozilla.org/en-US/firefox/addon/super-agent/
Trying a Cookie Consent remover extension in Edge. Seems to work rather well, this is a case where the solution to cookies is worse than the Cookies themselves. At least the EU should have required the consent be remembered so you would only have to choose once. I go to sites that ask every single time which is annoying. This obsession with privacy on the web is an oxymoron thing anyway.
A post like this make it seem like Brave is like doing nothing, maybe you should have reported on the fact that Brave is getting vertical tabs and other Nightly features that are more important.
This is the feature that Bondy came on Tuesday and say “we need it for tomorrow” so probably it was for the blog post. But it is just a panel, that appear once, and people might even ignore it and say “why am I getting this” click it away and don’t even know what it was about.
the information about it gets written in Local State as “cookie_list_opt_in_shown”: true
I mean, it looks nice and has nice animation but nobody will really use it. I think they are fixing the fact that if you click somewhere it will disappear and never come back, but appearing once is the only way it will not be like “enable it or we will bother you.
The lists are not new though, you can even enable them in mobile in brave://adblock while on desktop they already moved the lists to settings like you mentioned it.
It is just a lame feature to be honest, but small features like this make the browser look better, and it will help the few people who read the popup and want to get rid of cookie prompts.
one thing is true, in their blog post they mention how people use those extensions to automatically reject or accept the cookies, like if companies wouldn’t track users doing it so hiding the cookie prompt is the best thing.
I am also testing an extension called Demodal which has the potential to handle these annoyances and others. It’s not groundbreakingly brilliant but it’s fairly new and experimental.
I got sick and tired of being hammered by stupid prompts to subscribe, sign up, agree to cookies etc.
It’s really a huge problem these days. Now if we can only go back to making navigation bars on website stay put and not follow you that would be great too.
I believe the project “I still don’t care about cookies” may eventually take a more robust approach to cookies than the original project so here’s hoping.
Whatever the browser it is I’m glad to see this stupid modals and notifications being taken seriously and squashed.
This is not a new feature – it really only prompts the user to enable the “EasyList – Cookie List” which has been part of Brave for ages. I would have hoped that they implemented something like the “I don’t care about cookies” extension did, always accepting cookies (essential ones only) automatically. This would be even more effective than any list and could also work in tandem with lists.
Last but not least, in addition to the “EasyList – Cookie List” I am also using the “I don’t care about cookies” list in Brave (add this URL: https://www.i-dont-care-about-cookies.eu/abp/ ), as the EasyList does not seem to cover everything.
This is useful. I uninstalled the extension after they sold out to evil. Since then I have been pertered by cookie warnings, despite having the easylist option ticked on. I will look for that “I don’t care about cookies” list to add. The easylist feature is clearly unsufficient : what is needed is a smart detection tool ala popup blocker.
Did you notice how the most useful extensions sell out and are replaced by less useful, greedy updates? I can’t spend any more resources chasing pests. Where has open source and free software gone ? Have all them geeks sold their soul to hegemon ?
@Iron Heart
I have an extension “I don’t care about cookies”. Is that the same thing? Can I just add this list and delete the extension?
@Anonymous
> I have an extension “I don’t care about cookies”. Is that the same thing? Can I just add this list and delete the extension?
It’s roughly the same thing. The extension differs from the list in that it not only blocks cookie banners like the list, but also “clicks them away” automatically. I quote from the website:
“In most cases, it just blocks or hides cookie related pop-ups. When it’s needed for the website to work properly, it will automatically accept the cookie policy for you (sometimes it will accept all and sometimes only necessary cookie categories, depending on what’s easier to do). It doesn’t delete cookies.”
source: https://www.i-dont-care-about-cookies.eu/
That being said, the ownership of the “I don’t care about cookies” extension has recently changed – the extension has been sold to Avast. Avast has a reputation of not valuing the privacy of their users (data collection, how user data is handled etc.). I therefore can no longer recommend the extension and I only rely on the list (the list does not require that the extension is installed).
An alternative to the “I don’t care about cookies” extension is the Consent-O-Matic extension, it has good reviews, however I am not using it myself. The “I don’t care about cookies” list in my adblocker is enough for me.
@IH
>add this URL: https://www.i-dont-care-about-cookies.eu/abp/
tx!