[TeMPOraL]

> Only necessary ones don't need consent, but the bar for "necessary" is high: the software wouldn't be able to function without it and there's no way to implement the software without it. Think: "address" is necessary for "delivery".

Yup. That's literally the point. Phrased in an equivalent form: cookies that require consent are ones you don't actually need.

It's thus not GDPR's fault that a site opts to spam their users with a consent popup - it's their choice to include cookies that aren't required to provide the service.

[jefftk]

You're assuming everyone agrees on "need". People disagree with governments all the time, so it's not surprising here that a website operator might consider a cookie to be necessary for the operation if their service, but the government views their needs differently?

[simpss]

If i can delete the cookie and nothing goes visibly wrong, it's obviously not needed.

Same with blocking a script that sets such a cookie. Most cookies are not needed for providing a service.

edit: see the article 29 data protection working party guidelines here: https://ec.europa.eu/justice/article-29/documentation/opinio...

[chromanoid]

I think they literally mean "technically need". This is objectively deductible.