[BryanGiese]

Interesting perspective and I can see some of the intent here, but it takes an odd slant to the issue. There are a few failures in logic here (random number becoming PII, only tracking on one browser, laws protecting you from getting robbed) that detract from the goal of GDPR which is to outline the user's digital rights, not define how data can be collected. GDPR does not define the technological methods because those will always be evolving, much like our understanding and expectations of data privacy will evolve. I agree that users need to educate themselves on how to protect their own data, but there is a ton of technology that they either aren't aware is being used, or simply don't understand. GDPR isn't perfect but it will help in the long run. Here is a summary of some of the details and how it will impact what developers need do as they architect software. Some companies will take it seriously, others won't. Then consumers may decide who to do business with. https://fusionauth.io/blog/2019/01/29/white-paper-developers...