Comment by skydhash
> It’s fascinating (and honestly a little tragic) that a lot of the cookie chaos comes down to basic unsolved problems like "how do you remember privacy without remembering identity?"
That's an easy answer: Do not store anything that will infringe on people's privacy for anything that's not the intended feature people use. If I' visiting an ecommerce site, there's nothing that warrants Google being aware of which product I'm clicking on.
100% agreed on the core principle — "only collect what you actually need for the feature the user is engaging with."
The frustrating part is that so much of modern web infrastructure (ad networks, analytics, personalization layers) depends on quietly hoovering up far more than the feature strictly requires.
I sometimes wonder: if browsers enforced "functional data collection only" as a technical baseline — like enforcing CORS or CSP today — how much of the tracking economy would collapse overnight?
Curious if you think real technical enforcement (browser-level) is the way forward, or if we’re stuck waiting for another round of slow, partial regulation.