[zeroz]

In my opinion the whole 'cookie banner industry' sucks. From a customer perspective I'm completely annoyed with different types of banners wasting my time with searching the right button, waiting because of artificial delays, clicking through layers of fake settings to find the reject option and other dark patterns. However, from a provider perspective things a not better. Unnecessary waste of time and money to look for plugins and services to deal with cookie walls to avoid GDPR problems. Best thing would be a EU enforcing the use of a standard browser API to ask for tracking. Just as simple as asking me if I want to share my location or webcam with an option to remember for this domain.

[jeroenhd]

I really want the web browser industry to come together and form a new kind of P3P standard, complete with some example libraries for people to use on the backend.

Sadly, the browser market is dominated by Google, who has a direct interest in tracking people, Apple, who operates in proprietary protocols unless they absolutely have to, Microsoft, whose stalking exceeds even Google's at this point, and then a tiny slither of well-meaning but overall badly-managed open source projects.

Relying on the DNT header is difficult as "tracking" can be interpreted in a number of ways, especially by the data vampires of the advertising industry where they have developed many nice words to make their business so sound harmless. We need a better protocol, implemented across the board, for this to automate away these ridiculous popups. If a sufficiently flexible protocol exists, I'm sure it'll be taken up by either Europe's DPAs or even new legislation, though existing legislation should already be sufficient.

The EU should not, and generally doesn't want to, specify which technologies get used because technologies develop faster than bureaucracy. The hastily thrown together Brexit accords mention Netscape Navigator and ancient, insecure, outdated cryptography because they decided to include that in legislation many years ago and the accord was just a combination of existing EU and UK laws thrown together. We don't want that to happen again, especially on a larger scale.