https://commission.europa.eu/resources-partners/europa-web-g...
In this case, this one might fit:
> User centric security cookies, used to detect authentication abuses and linked to the functionality explicitly requested by the user, for a limited persistent duration
This community is Australian & New Zealand based, we had 0 European players or visitors. And as @unsnap_biceps this predated GDPR compliance.
You are right though that you wouldn't be able to do this in Europe today because asking for fingerprinting consent defeats the purpose because the hacker would likely quickly figure out what is happing and circumvent it.
I don't know how these would balance each other out legally, but it's fun to think about
> for a limited persistent duration
FTA:
> However, the VGUI browser had no issues saving cookies with expiry dates exceeding 10+ years!
So no, it doesn't even qualify.
Preventing cheaters is similar. And this is blatantly a tracking cookie.
Also, all of this was in 2017. Anyone doing it in 2024 should indeed run it past a lawyer.