Cookie popups weren’t the result of GDPR.

They were the result of the earlier “ePrivacy” directive from 2002 and revised in 2009.

Many people confuse these two pieces of legislation, but cookie popups were already an endemic problem long before GDPR.

>There already is a better solution and always has been, it's called setting cookie preferences at the browser level and then leaving it.

This is really not a solution, browser already had a black and white option to allow cookies or not, or allow JS or not. The proposed idea is to give only 1 place where you can accept or not accept tracking, then you want to really read a website or your work/bank forces you to read a page and you have no choice then allow cookies for everything and accept all possible tracking because some HN web dev did thinks is mmuch smarter then a group of consultants. lawers and privacy advocates.

If tracking is legal then Allow/Disallow tracking should be per website and always should be 100% transparency on what is tracked and shared with, Tech people could create browser APIs for example, you could have a in browser cookie popup where web devs could populate the text message about "We care about privacy" , an array where web devs can populate with the names, links and terms of use for the 100+ partners. Then all websites will share same native popup, and implement it correctly with no dark patterns, there could be a 3 line extension to click allow or not allow for people that really want to accept or not accept. But this browser APIs won't happen because Google controls the web , Mozilla is on it's last breath and Safari is still screwing around with missing JS and Webgl features and other bullshit.

Edit: Also a simple law as propsed with "make cookies a setting for all websites per browser) is not good since you can use the localstorage,fingerprinting or other tricks to go around the law, so proposed idea is bad.