I think we should disable local-storage entirely, all of it. 99% of the websites out there don't need cookies. And for the 1% that do need it, how about we build tech around a central authority issuing "cookie issuing" licenses that the browsers respect. Have it become a process and trust-chain similar to certificates so that we can block/ban root certs that allow tracking en-masse.
But until then, please developers stop putting the damn shopping cart in cookies and local-state, just persist it on your damn DB and only allow me to have a cart after creating an account with you. That is your damn consent for you to track me, not your stupid GDPR popup that you spam me and every other visitor to your site.
That would fall under the 1%. They get a cert or whitelisted or something such that browsers would "allow" them to request the browser to store cookies. Perhaps the type of data to be stored is also restricted in the certificate itself so the site can't deviate from the storage they've been granted.
I don't know, it's just a random thought and not fully fleshed out. I'm sure there are millions of much smarter individuals than me that could figure out the details and nuance. Point is that we need to think outside the box if we are to fix the web. But doing it incrementally with "input" from ad-companies such as google is not going to work.
So you want the ability to be a modern website held by a centralised authority? The world is not a world of static websites anymore; it is a world of applications accessible by a web browser. That would be a huge and unjust centralisation of power.
The most should be a consent popup, similar to how websites request to use the camera.
But until then, please developers stop putting the damn shopping cart in cookies and local-state, just persist it on your damn DB and only allow me to have a cart after creating an account with you. That is your damn consent for you to track me, not your stupid GDPR popup that you spam me and every other visitor to your site.