The problem isn't lack of a solution, we've had DNT for years. It's that the people who want to track you generally don't want to make it easy for you to opt out.

Yes, this will need legislative backing. We had the GDPR since the DNT.

I also just discovered the GPC which seems more interesting: https://globalprivacycontrol.org

Actually, GPC support is required in CPRA. CPRA, if you're not familiar, is the California privacy law.

And they will mark all the advertising cookies as "Legitimate interest", as they've already started to do that with the confirmation prompts.

The "legitimate interest" of selling you shit you don't want and selling your interests to third parties.

Would this get past the GDPR? I get the defeatism, there are powerful actors, but it doesn't mean we shouldn't try to improve the situation.

No, it's not legal. It's clearly not legal, it doesn't need a case. It's well established in the law as it was written.

It's just that the enforcement agencies are large, lazy and won't enforce anything. They don't even enforce when you can prove beyond a shadow of a doubt when and how the corporations have leaked your private information, let alone when their use of cookies is illegal.

GDPR enforcement actions are happening quite often in the EU.

https://www.enforcementtracker.com

It depends on the country. When I filter for specific countries, it really can be very rare.

Look at the difference between Germany and say Austria, for example. Or if you must compare two large countries Germany and France. There is quite a large gap between different countries.

Isn't this one of those things that is going to require a landmark case?

Nothing prevents a company from doing this, but it's definitely not GDPR compliant.

I am sure it will be as successful as do-not-track.