mjr wrote: ↑7 Jun 2021, 10:54pm
The GDPR cookie opt-in law is not good law because it has not achieved the desired effect of reducing data-sharing and naughty programmers have subverted it by complying in annoying ways with pop-ups, hard-to-find "decline" buttons and dancing bears.
Fundamentally, all cookies do is allow sites to remember data between page requests. This is useful if, for example, you want them to remember that you are signed in, what's in your basket, or what search you were doing and you now want to see page 2 for. The problem is that remembering you can also be used for less obvious purposes, such as tracking your behaviour. I've never completely understood how we came to be restricting cookies, as opposed to restricting tracking.
Or, to put it another way, there are other ways of remembering you between page requests. These could in principle be used to achieve many of the same things as cookies, good or bad. The down-side is that they are often less secure than cookies; for example, when you share a link in the way that mjr describes, you risk embedding your unique session ID, which is supposed to be different from everyone else's.