[rycomb]

Many people here seem to forget that cookies aren't the only way to track, and fingerprinting a user is easy without having to use cookies (via UserAgent, IP, canvas data, and a myriad other techniques).

Now, I wonder what does the GDPR and similar legislation say about those, but my uneducated guess is that a user accepting the site's policy regarding user data collection would approve the use of fingerprinting as well (and deleting the cookies would only work partially, privacy-wise).

[Nextgrid]

The GDPR indeed covers fingerprinting and anything data that can be used to identify someone - the idea that these consent forms are specifically about "cookies" is a lie that's being spread by stupidity or malice. See my other comment for more details: https://news.ycombinator.com/item?id=30964163

This is also why there is value in not clicking "accept" even if you already block cookies and/or run in private browsing mode.