But what's the alternative approach to the cookie law? A yes/no consent page before your site, and if you click no, the user doesn't get to access it? Because that's basically the same thing, but even more annoying.
If you click no, a single, non-tracking cookie (i.e. "optout=true", not a session ID) is set, and you get to use the parts of the web site that don't require cookies to function (which, for 99% of the cookie banners I've seen, is all I wanted).
Furthermore, if I remember correctly, no explicit consent is required where the cookie has to be used for features the user requested, like a shopping cart.
So, if the law was actually written to require what it was supposed to require, and actually enforced, a web site operator would have the options to either:
a) implement an opt-out globally across the entire site to ensure no part sets a cookie and doesn't track them, with a high risk if you get it wrong, annoy every visitor with a modal yes/no before letting them onto the site (which would hurt your conversion rates etc.), where the "no" would be a meaningful choice that would still let them use your site, and there would be very little incentive for the user to click yes
b) stop tracking users unnecessarily in general
As it is written, the options are:
a) implement an opt-out globally across the entire site to ensure that no part sets a cookie and doesn't track the users, with a high risk if you get it wrong
b) slap an annoying banner on your web site
One of these options is significantly less work and allows you to keep tracking users, so guess what gets done.
Which is why there is the "And more importantly you can revoke it (at any point) and the site can't deny or degrade the service (unless the data is strictly necessary for a specific action related to the service)." point - you're not allowed to deny access to a newspaper article if somebody does not consent.
You can only degrade when the users denial exactly relates to the function of the service.
I have history turned off in google maps. I can’t name the points I make, it tells me I need to turn history and tracking back on. I hope that becomes an unjustifiable degrade.
I may have understood wrong, but it seems to me that for your maps degrade, the tracking may relate very much to the function of the service. How is the server supposed to remember the name you gave to each point without tracking you? Remember, there are many round-trips to the server when you're scrolling and resizing a map. They could always move point-naming override client side, but that's a pretty big change.
Furthermore, if I remember correctly, no explicit consent is required where the cookie has to be used for features the user requested, like a shopping cart.
So, if the law was actually written to require what it was supposed to require, and actually enforced, a web site operator would have the options to either:
a) implement an opt-out globally across the entire site to ensure no part sets a cookie and doesn't track them, with a high risk if you get it wrong, annoy every visitor with a modal yes/no before letting them onto the site (which would hurt your conversion rates etc.), where the "no" would be a meaningful choice that would still let them use your site, and there would be very little incentive for the user to click yes
b) stop tracking users unnecessarily in general
As it is written, the options are:
a) implement an opt-out globally across the entire site to ensure that no part sets a cookie and doesn't track the users, with a high risk if you get it wrong
b) slap an annoying banner on your web site
One of these options is significantly less work and allows you to keep tracking users, so guess what gets done.