Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Opting-in should be a client feature, not a website feature... make browsers block cookies by default, and then add a button next to the title bar to accept cookies for this webpage (for them to remember the login).


Other people tracking you has nothing to do with the browser.

They need explicit permission to track you. The browser doing absolutely nothing is what most people want.

The website can set whatever cookies it wants for the activity of the website itself.


GDPR is not just about cookies. In fact cookies are already next-to-useless for tracking because modern browsers have countermeasures against it (which unfortunately does hinder legitimate usage like cross-domain SSO).

The GDPR is about data processing consent as a whole, regardless of how the data was collected. It includes data that you can’t withhold such as your IP address, browser fingerprint, etc.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: