[joshuaissac]

> Another possibility is, that the browser could, in a standard header, with a bunch of standardized flags, tell what the site may or may not do with the data they gather about the surfer.

There was a W3C standard called P3P which is similar to what you describe. It was implemented by Internet Explorer, but fell into disuse long before cookie notices became common. Bringing back something like that would be an improvement over having to deal with cookie banners per site.

[Macha]

It fell into disuse as compliance was strictly voluntary on the part of websites. So they did not comply.

[lallysingh]

In an international internet, how would any non-technical requirement get enforced? Legal is easy to skip. Just run the website by a subsidiary housed in a less regulated country.

[bscphil]

Isn't that just an "in theory" though? In practice, a ton of sites have these cookie warnings because the EU mandated them. If a large enough legal body mandated that websites obey prescriptive privacy statements from their users, most legitimate sites probably would.

[tgsovlerkhgsel]

The same way GDPR is enforced. Given the cookie popups I'm seeing everywhere, it doesn't seem to be toothless.

Realistically, if the EU were to impose such a rule, then any ad company doing business in the EU would have to follow it. Thus, any web site deriving any significant revenue from EU advertisers would have to follow it. I'd strongly assume that it's not possible to effectively monetize EU eyeballs without EU advertisers. Of course, anything operated by a EU company or hosted in the EU would also be subject to these rules.

While some local US news would certainly take the "we block all traffic from the EU" approach to avoid dealing with it, the advertising and tracking landscape would quickly and drastically improve.

If now, for example, California would also decide to copy these rules, this would very quickly be the worldwide standard.

[totalZero]

That isn't much of a solution if you do business in the foreign country whose requirements are being circumvented.

[jbd0]

Isn't it also possible that the site will not comply if you ask them to "not use cookies for advertising" via their form?

[ccheney]

There's also DNT (do not track) where the standards group was disbanded[1] in early 2019

[1] https://github.com/w3c/dnt/commit/5d85d6c3d116b5eb29fddc6935...