This is a specific definition of "small web" which is even narrower than the one I normally think of. But reading about Gemini, it does make me wonder if the original sin is client-side dynamism.
We could say: that's Javascript. But some Javascript operates only on the DOM. It's really XHR/fetch and friends that are the problem.
We could say: CSS is ok. But CSS can fetch remote resources and if JS isn't there, I wonder how long it would take for ad vendors to have CSS-only solutions...or maybe they do already?
I would put it all on cookies. No third party cookies (at all) - good. JS and CSS and even autoplay video is fine as long as there are no third party cookies.
That would make the Small Web bigger but it would get to the main point. I'd be fine with a site like the New Yorker that has more bells and whistles be included as long as I could experience it without a tracked ad from DoubleClick.
Right now any serious outfit simply cannot be included in the Small Web but we really need companies there.
Totally agree. I run a few professional websites/apps that deliberately avoid tracking technologies. They only use first-party session cookies and minimal server logs for operational purposes.
Interestingly, I’ve noticed that some users find this suspicious because there's no cookie banner ! People may have become so used to seeing them that a site without one can look dubious or unprofessional. And I'm pretty sure some maintainers include them just to conform with common practice or due to legal uncertainty.
Maybe a simple, community-driven, public declaration might help. Something like a "No-Tracking Web Declaration". It could be a short document describing fair practices that websites could reference, such as "only first-party session cookies", "server logs used only for operational purposes", etc.
A website could then display a small statement such as "This site follows the No-Tracking Web Declaration v1.0". This might help legitimate the approach, and give visitors and operators confidence that avoiding usual bells and whistles can actually be compliant with applicable regulations.
Its not just JavaScript, it's cookies, it's "auto loading" resources (e.g. 1x1 pixels with per-request unique URLs), it's third-party http requests to other domains (which might art cookies too).
I think the XKCD comic about encryption-vs-wrench has never been more apt for Gemini the protocol...
We could say: that's Javascript. But some Javascript operates only on the DOM. It's really XHR/fetch and friends that are the problem.
We could say: CSS is ok. But CSS can fetch remote resources and if JS isn't there, I wonder how long it would take for ad vendors to have CSS-only solutions...or maybe they do already?