Internet's biggest annoyance: Cookie laws should target browsers, not websites

Policing the tools instead of policing what is being done with them is the problem for me. Third party cookies have a valid reason to be used in federated authentication for instance, or a bunch of other valid purposes. Just ban shitty data collection practices.

Knives can be used to chop vegetables or stab someone. Don't ban their sale, ban their usage.

Cookie consent is not required for technical cookies like auth.

I'm surprised at how often this needs to be restated.

By-and-large you only need to allow people to opt out of cookies if you're tracking _their_ activity and/or selling details of _their_ activity to your "partners".

Indeed. Nor is GDPR about cookies at all. GDPR is about identifiable user profiles and information. A piece of paper with someone's name falls under the GDPR; a cookie that hides a shown alert doesn't.

It isn't needed, but third-party cookies were phased out by Chrome specifically to undermine their competitors, all under the veil of doing the right thing, and everyone that was using them for something ok got screwed.

Once again....

There is no requirement for 'cookie banners'. You are free to use whatever cookies you want to run your site. HOWEVER, if you are using those cookies to track me (advertisers take a bow) then you need my clear, opt-in informed consent to do so. And so you should!

I continue to be astounded at the ignorance some people have of the GDPR; such a vital privacy law and one that is fundamental to modern data use and respect for the customer.

Partly it’s because we’ve simplified the discussion to “cookie banners” when it’s about more than cookie tracking or cookie-like tracking (local storage). So it misses all the other ways tracking occurs.

The other thing is that it benefits those who wish the law would just go away to have it misunderstood this way.