Comment by zak-mandhro

Totally agree — "Do-Not-Track" was a great idea, but without real enforcement it became a polite suggestion nobody listened to.

I also completely agree that "cookie" should be interpreted broadly — not just literal HTTP cookies, but any client-side tracking (localStorage, IndexedDB, fingerprinting, etc).

If enforcement actually happened at the storage and tracking level, and browsers had native consent handling, the entire dynamic between users and websites would shift dramatically.

Curious — in your view, would it be better for the EU (or regulators) to issue a technical specification for how consent enforcement should work? Or just mandate the outcome and leave it to browser vendors to figure out? (Feels like that choice matters a lot for real adoption.)