←back to thread

Internet's biggest annoyance: Cookie laws should target browsers, not websites

(nednex.com)
583 points SweetSoftPillow | 1 comments | 22 Oct 25 12:12 UTC | HN request time: 0.246s | source
1. a2128 ◴[22 Oct 25 13:05 UTC] No.45668473[source]
> Your browser becomes your personal privacy enforcer, and the law would require it to act on your behalf. Based on your one-time choice, it would be responsible for allowing or declining cookies from every site you visit. If a website tries to use a cookie with an unclear or undeclared purpose? The browser simply blocks it—no questions asked.

ChatGPT writing aside, how does the author expect browsers to do this exactly? It's not as if website developers are declaring the purpose of each individual cookie. Browser developers already added a Do Not Track header option and to the surprise of no one, it was a massive failure because websites have every incentive to skirt this stuff.

And today the GDPR law extends much more than cookies, it requires explicit consent for processing personal data in general. Your browser has absolutely no bearing on whether a website's backend will save the pages you visited, the text you entered, your IP address, and whether it shares it with 500 partners or not. This problem fundamentally requires cooperation from website developers and that's why we have the law targeting websites as it is today.