> I want privacy codified in human law

Article 12

No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks

- Paris, 1948, Universal Declaration of Human Rights

> It pains me every time a “well behaved” website pops up a cookie consent banner for the billionth time after I already consented because the browser wiped all the persistent user identifiers available to it.

Do yourself a favor and enable the Cookie lists in uBlock Origin.

I'm personally grateful that a law requires my consent before tracking me. That means I should not be tracked without me saying OK without monetary risks.

The reason is our government and regulators are captured by business concerns which profit from our data. The government in turn views mass surveillance as a powerful tool for social control. Although there are many more people whose privacy is violated by these policies than benefit from them, the rich and powerful minority is more organized in its efforts and thus comes out ahead in the balance of power.

"engineers want nothing to do with politics". Do you mean Comcast engineers see this as a purely technical challenge without caring about implications? In general we are seeing more engineers taking positions on a variety of political issues.

> It pains me every time a “well behaved” website pops up a cookie consent banner for the billionth time after I already consented because the browser wiped all the persistent user identifiers available to it. For my protection -_-

https://www.i-dont-care-about-cookies.eu/

Yep, you're right on the money. The correct course of action is for those of use who recognize this to cease arguing on the Internet with those who don't and connect with one another offline. We're in dire need of something akin to a 21st century Continental Congress.

While I agree that we should have legal codes protecting our online and digital rights, I’m convinced that there are enough Bad People on the Internet that we do indeed still need strong technical protections as well.

What law would you propose? I think the hard part is "Instagram and TikTok remain free-with-ads."

>>We suffer from a problem that engineers want nothing to do with politics.

More on point, we suffer from a problem that far too many people of all walks of life want nothing to do with politics.

Plato made the most accurate point 2300 years ago: "The penalty for not being involved in politics is you will be ruled by your inferiors."

And, even though you may not be interested in politics, politics is ALWAYS interested in you.

I think I’m kind of on your side in general, but I have more of the opposite feeling about legal versus technical solutions. If we had no idiotic EU cookie laws, no “consent” bs required, a technical solution would be easy: default segmentation of cookies by what site you are actually visiting, plus all non-first-party ones silently expired after 60 minutes or whatever. It seems like this would be very easy, except for the fact that the number one ad network is also the only browser vendor that matters.

But the attempted legal solutions suffer from being inside the sandbox, meaning all the “cookie management” software is a pile of hacks that barely work, and rely on browsers, as you’ve noticed, to allow their cookies in the service of…limiting cookies. And of course they also suffer from the politicians who wrote them having no clue how any of this works. I suspect if they did, they’d see how dumb it is to regulate that 10,000,000 websites each implement a ton of logic to self-limit their cookies they set (hard to police, buggy) instead of telling 2-3 companies they have to make their browsers have more conservative defaults with how they keep and send cookies back. (easy to prove it’s working with testing).

The problem is that the internet is international and laws are national or even by state.

There are 24 states that require ID to view porn sites. The laws are being completely ignored by popular websites that are not based in the US.

What law do you think mandates those annoying cookie popups?

I’ve been asked at work to build less than savory stuff, here are some general observations, none of which are admittedly an excuse:

* you get caught up in the moment, hell bent on solving the problem you don’t really think twice

* you don’t want to get that stink on you, you don’t want to be that guy that brings this type of stuff up

* you are mindful of the fact that you are being very well compensated to build it and you don’t want to lose your job

* you know it’s going to fall on deaf ears - maybe they will pay lip service, maybe they won’t but either way nothing will happen

* in the back of your mind you figure someone else is fighting the good fight

On and on, so many different things can go through your mind, who knows which it’ll be on any given day, on any given project

Why would you need a user identifier to block a consent banner? You don't technically. The website requires it because it is a shitty website.

It would be enough to have your browser store a cookie without personal information with { cookieconsent: "STFU" } or some variable in local storage. If the website respected that, we would be fine.

Personal identifiers are not needed and foul compromises aren't acceptable.

> Why is it that if someone said “we need a legal solution to gun violence” the people that say “no we need a technical solution all people should wear kevlar and carry 9mm pistols” are considered the lunatics but when we ask for a legal solution to rampant non-consensual tracking for the purpose of indoctrinating the consumer class with propaganda we all laugh and say bah the solution must be technical? I don’t get it

I don’t know that a reasonable person would compare privacy threats to the threat of death from gun violence.

They exist in totally different altitudes of concern.