What kills me is the cookie consent stuff, they should of enforced that Do Not Track is honored, and have fees that make sites ensure compliance or be sued over not honoring DNT which iirc was sent as a HTTP header, it would of actually been a meaningful solve.

What a legislator believes is irrelevant. Only what the lobbyist is paid to believe is relevant.

Would you consider the entire European Union a minority of the legislators? Because that's what GDPR is designed to do, make identifying customers well controlled and expensive whatever the method.

Granted, the enforcement should be stepped up.

> Would you consider the entire European Union a minority of the legislators?

No, I was referring only to my own legislators (in the US, and not specifically California). Many other places in the world are doing better.

They should enforce that Do Not Track is honored. Its the easiest way, and websites dont need silly cookie consent dialogs if set.

DNT is ~useless because it's opt-out, whereas "auxiliary", non-essential tracking is opt-in under GDPR.

Websites don't need cookie consent dialogs if they only use cookies to do things that don't need to be consented to, like providing the service they are offering. Look at Apple's website, they don't have any.

DNT may be opt-out. But it should certainly be treated as "Don't even bother asking for consent to track, because I already told you the answer is no, and you'll be harrassing me by asking."

My argument is current laws did nothing to give teeth to DNT. I'm not worried about what the technological defaults are, but I would argue that without DNT being legitimized, it was dead on arrival. We have had it in browsers for ages, and we've dropped the ball on enforcing it for ages.

My other argument is, if you detect DNT, the cookie consent dialog shouldn't be shown at all.

The EU has about 1/18th of the world's population, so certainly that would be a rather small minority.