Evil sites will use localStorage or some third party API and continue tracking you.

I am sure people here will find at least 20 solutions on the problem on "how can a group of evil websites track a user across if cookies do not work but JS is On", the solution would involve something like drop this lines in your html page and the js code there will connect to some server and store some fingerprint there, Google might decide to give your browser a fingerprint to help with their ad business.

I wouldn't approach this problem from a technical direction.

If there is a browser based vendor agnostic opt-in popup for user tracking (not only cookies) you can outlaw and severely punish attempts to circumvent that.

Given the time and resources courts really dislike the "welllll technically..." Argument.

For GDPR both localStorage, fingerprinting and other methods are all equal to cookies. Even IP tracking is the same as a cookie.

"Cookie Banner" is just tech-jargon for these banners, but an incorrect one.

I know, I tried(and probably failed) to explain to OP why his simple idea to "just make the browsers disable third pary cookies" or other technical solutions are not going to work, you need GDPR like laws to focus on the actual problem and not some technical implementation because developers will find workarounds for technical only stuff.

Browsers could help by implementing a standard GDPR popup for this shitty websites to share , at least it will not be same dark pattern UX, broken implementation shit this sites use today.

Browsers could do a lot of good things if they would focus on the actual users needs and not on what some developer feels cool to work on or what soem giant company ants to implement next.

Gotcha. FYI, the post you replied to suggested "make browsers have a proper cookie banner", which seems like you agree with? The one that says "disable third party cookies" was two levels above your post.

>Gotcha. FYI, the post you replied to suggested "make browsers have a proper cookie banner", which seems like you agree with? The one that says "disable third party cookies" was two levels above your post.

Ah, sorry ,I messed up. I am trying to force myself to always quote the text I am replying, sometimes I do not do it and is causing issues, I will try to do better.

You can simply make that illegal.

that's the point of webbugs, https://webbug.eu/ no cookies needed - actually JS not needed but it sure is useful.

Please don't force browsers (clients) to fix what's fundamentally a server side (website doing shit with your data) issue.

Browser can choose to respect the cookies (first, or third parties), but ultimately don't force them to do or not do anything.

Forcing 3 companies to change their browsers is a lot easier than forcing millions of shady US businesses to do anything

It would be nice to have browser support for cookie popup that is uniform and not worded differently everywhere. Maybe even a default setting and ability to auto-reject. The popups have ruined the experience.

> Maybe even a default setting and ability to auto-reject.

We sort of have auto-reject, with the Do Not Track header. Which pretty much everyone has decided to ignore, because then people just say no and that's not the result they want.

> The popups have ruined the experience.

And behind every popup is a company that decided that ruining your experience was the correct thing to do.

> And behind every popup is a company that decided that ruining your experience was the correct thing to do.

Yes, of course, they want you to think "uugh privacy just means lots of work and popups I'll just click accept"

The problem is that both the client and the server is controlled in large part by Google and they like to optimize the user experience into whatever allows them to sell ads.

Lynx is about the only browser that still notifies you and has you accept each cookie manually.

most sites would not need a 'cookie banner'... unless they wish to track you/mine your data/etc.

As long as the most widely used browser is owned by Google? No way that could possibly end up being intentionally broken and misleading. The law would have to specify the exact shape of the cookie dialogue down to the pixel and I still would expect Google to find a way to fuck it up.

> I still would expect Google to find a way to fuck it up.

Playing cat and mouse with only a few large entities vs. literally every website on the web seems like progress.

And let's be realistic, "intentionally broken" can be prevented by having a serious deterrent and removing the incentive.

> The law would have to specify the exact shape of the cookie dialogue down to the pixel and I still would expect Google to find a way to fuck it up.

In the EU it's more usual for judges to take the "spirit of the law" into account for rulings rather than the "letter of the law" that is more common in Common Law systems.

I don't know enough and IANAL to state that with sureness about the whole legal system of all EU countries but it's a rule-of-thumb, the law doesn't need to be absurdly specific to avoid loopholes, it just needs to be good enough to cover ground for judges to judge if the accused is following its spirit.

> The law would have to specify the exact shape of the cookie dialogue down to the pixel

Sounds good to me.

> I still would expect Google to find a way to fuck it up.

Sure, then we change the law again and/or sue Google.

> Sure, then we change the law again and/or sue Google.

Which generally seems to have an almost 10 year delay for every iteration since Google will appeal on every instance and do its best to slow down every curt issued request heading its way to the fullest amount possible. The result: Not happening in the next century or two.

That is... doubling down on a bad idea. Moving the stupid cookie banners to the browser itself so we can not block them. It's so idiotic, the EU bureaucrats will probably consider it.

I think it's the other way around, if the cookie banners were implemented at the browser level, there would be "auto-reject" extensions on day 0. Or, worst case, auto-rejecting forks of Chromium and Firefox.