The law has stupid unintended consequences because it would kill the business of the tracking companies it targets, if they where to follow the intention of the law.
The same companies have their customers convinced that they need data collection to turn a profit.
As a result we see all kinds of stupid attempt to circumvent the law because an entire industry of shady data collectors and brokers have convinced businesses that the only way of making money online is by tracking people.
The basis of your argument is: All data collection is bad.
Therefore, in your model of the world, an evil conspiracy of bad actors are looking to strategically undermine the law with various dastardly convoluted schemes. I understand why you're arguing that, given the premise you're starting with.
However, the majority of business on the internet are not doing evil things with your data. They simply want to better target their offerings to their customers, allow for you to keep items in a shopping cart, etc. If they are providing better services to their customers, they make more money and the customers are happier. It's a win win for everybody involved.
Could it simply be that, most businesses put cookie popups on their sites because they don't want to get fined? Not because they are embroiled in an elaborate scheme to undermine the law?
Could it be that the EU should have created a smarter law that would actually help people be more aware of data tracking? Instead of stupid popups?
> However, the majority of business on the internet are not doing evil things with your data. They simply want to better target their offerings to their customers, allow for you to keep items in a shopping cart, etc. If they are providing better services to their customers, they make more money and the customers are happier. It's a win win for everybody involved.
I wouldn't be so sure. There aren't that many advertising and analytics companies, but they make products that are widely used (and clearly misused) everywhere. The websites using such tools were never told that they could avoid having the banner if they just didn't have tracking cookies.
> Therefore, in your model of the world, an evil conspiracy of bad actors are looking to strategically undermine the law with various dastardly convoluted schemes.
There's no need to straw man secret cabals of conspirators, when it's just business. (Or if you want to get political, capitalism). When big tobacco companies pour money into lobbyists, fund skewed studies, and buy ads to flout anti-smoking legislation, no one calls it conspiracy. Businesses are incentivized to respond in certain ways.
> They simply want to better target their offerings to their customers
They can do it without the cookie notice. For example, Amazon can track what I'm looking at on their site and what I'm buying and store it to their database. They can use this information to offer me what they think I'll like. Also, another user-friendly approach would be for a site to ask me to select categories/topics that I like. Whatever it is, GDPR gives me a right to export the data, review it, and ask for it to be deleted if I don't want the site to have it anymore. No need for cookies in this scenario. What they need cookies for is when one site wants to track what I do on other sites.
> allow for you to keep items in a shopping cart
This is a functional cookie and there's no need to ask for consent to store a shopping cart. This is just a perfidious argument that data tracking companies use to ridicule the law.
> Could it simply be that, most businesses put cookie popups on their sites because they don't want to get fined? Not because they are embroiled in an elaborate scheme to undermine the law? Not because they are embroiled in an elaborate scheme to undermine the law?
The law is very clear about when you need to ask for consent and when you don't need to ask for consent. Most sites implement it in a wrong way, many of them use deliberate dark patterns, for example, when you deny cookies you get a loading spinner that spins for a couple of minutes. These are all attempts to condition the user into avoiding pressing the "slow" button.
How about rephrasing this to: all data tracking that involves sharing a user’s data with third parties is bad and should be outlawed
Using user’s data within the confines of a web app is usually OK so we can put just small much smaller guardrails up to keep companies respecting the public good.
I generally just don’t like my data shared with third parties. A single web site can literally pass your data on to hundreds of companies (as discussed in the book on Surveillance Capitalism).
The same companies have their customers convinced that they need data collection to turn a profit.
As a result we see all kinds of stupid attempt to circumvent the law because an entire industry of shady data collectors and brokers have convinced businesses that the only way of making money online is by tracking people.