I think a much stronger solution would be to require all browsers to disable cookies by default, and let the user opt into websites that you need to sign into.
In its current state GDPR has effectively just littered the website with popups that don't let you disable "functional" cookies in the popup. Functional my ass. The pages work fine without them. I disable all cookies except on a short list of sites I need to log in. Unfortunate side effect is the goddamn GDPR popups keep popping up on all those news sites.
Yes, I don't understand why this is not handled on the browser level. Back then in the 90s browsers asked the user for every web page that wanted to store a cookie. The situation we have now is not much worse.
But now every web page (at least in the EU) makes some kind of ugly popover and many of them try to convince you to accept all tracking with some kind of dark patterns of UI design.
I don't understand why we won't stop all this nonsense and build this stuff into web browsers as opt-in or opt-out (let the user decide) and therefore ensure that the UI is always the same without any dark patterns.
> I don't understand why we won't stop all this nonsense and build this stuff into web browsers as opt-in or opt-out (let the user decide) and therefore ensure that the UI is always the same without any dark patterns.
Because GDPR covers the everything, not just the web. If we had protections in the browsers, smartphone apps would still be affected. Instead, we fix it on a regulation level and no matter if it's web, apps or quantum-apps, we'll be covered.
The GDPR has no problem AT ALL with cookies. Use as many as you like with no need for popups. However, if you are using cookies to track or personally identify me (advertisers take a bow), then you need to ask my permission to do so. And so you should.
I am unaware of how a browser may possibly be used to block only personally identifying cookies, and besides, putting the onus to do so onto the data owner is against the principle of the GDPR; that personal data is MINE and you must ask my permission to use it.
In its current state GDPR has effectively just littered the website with popups that don't let you disable "functional" cookies in the popup. Functional my ass. The pages work fine without them. I disable all cookies except on a short list of sites I need to log in. Unfortunate side effect is the goddamn GDPR popups keep popping up on all those news sites.