Learned helplessness. Teach the citizens that the only thing protecting them from the Big Scary Internet is their benevolent government. Meanwhile the politicians collect millions from the mass media companies that lobbied for the god-awful implementation of the law we all ended up with, and as everyone gets worn down into Accepting All always, they simultaneously forget that their User Agent holds all the cards (or in this case, cookies), and it can be instructed to do anything the User wants with them.

Did you just take a problem that free market tech created and blame it on the government? ;)

User agent sovereignty would be nice... except the most used browser and 1/2 of smartphones are controlled by Google, the largest ad tracking company on the planet.

We're way past the 90s.

This particular problem with annoying cookie dialogs is actually a government-created problem though...

But I do agree with you that "free market tech" created the problem of "tracking cookies are ubiquitous and users don't know how to control them". But then regulators just layered another annoyance on top of that, instead of solving that actual problem.

Google, the same company that provides a litany of fine grained cookie retention options in its User Agent’s options page? Except thanks to the government’s antagonistic policies (read: big-media’s lobbying) those are useless as you need to keep on clicking the damn pop ups every time you visit a page “anew”.

Also never forget we already had a perfectly good solution in the form of Do Not Track headers that a benevolent governing body would have simply mandated abiding by. Instead we have this shithole.

DNT was ignored from the time it was implemented.

The only way it ever would have been respected if it was required to cryptographically sign an acceptance of cookies, then the server was required to retain that attestation as proof of acceptance, subject to legal liability if they were found in possession of tracking data without a valid attestation.

Absent enforceability, even when the server actively and maliciously decided to ignore it, it was a toothless solution.

The EU just should have said "if you don't respect DNT, go directly to jail and don't pass Go".

How would not respecting DNT have been proven?

The rub here is that everyone wanted to ignore DNT, because it made them lots and lots of money.

How can you prove that they respect your preferences in those consent theater pop ups?

I think those pop ups are the worst thing that ever happened to the web because they eliminated the moral authority that anyone had to say “it is user hostile to use pop ups”. Once the EU made it appear “required” and even “laudable” or “prosocial” there was no basis to say “you shouldn’t put this other popup in that will make users feel harassed”.

So now we get pages where the popups get in the way of the other popups.

Point.

I suppose the formalism around popups, and specifically when the EU decided to start levying fines on entities who used dark patterns to avoid the spirit of "accept/reject must be equally easy to click", convinced me that user-visible was a better way to win the fight.

Granted, it's not a technically optimal solution, but it may be a politically optimal one. Vis-a-vis the people vs the advertising industry.

I'm unconvinced that DNT would have ever garnered the same support as something that people, and specifically politicians, can see. Which would have led to ad money quietly carrying the day.

I'm hopefully after we've chiseled "Thou shalt respect user decisions" in stone deeply enough, we can flip back to enabling a user agent to automatically respond to that question for us.

It does make visible how absurd the situation is. You might imagine an advertising system would require one or two cookies but it's so shocking to see that some ordinary site would have 40 third part cookies. Some of that is the use of these embeds from the likes of Facebook, Twitter and YouTube and some of it is the "knives out" situation where nobody trusts anybody in the adtech universe and the answer is to have 10 different authorities collecting information and assume they can't all be colluding with each other. (e.g. everybody has a reason to understate or overstate views or clicks and naturally there is attrition in the pipeline so the numbers won't add up perfectly.)

GDPR doesn’t involve any of your crypto-nerding so I don’t see how this is relevant in any way.

Is it the time of the day where I make Brave advocacy again?

Brave has shown that we can have an user agent that is aligned with the user, even if the browser engine is made by Google.

That's a very good example of "argument-by-Google". You know what conclusion you want to achieve, so you just go around looking for statements that are either taken out of context or misunderstood and that can be backed by a (shallow) google search.

For the record: go back to the article that you are (wrongly) alluding to [0] and see how much the author has retracted. Also, see the response from Brave's Chief of Search.

I "have" to keep advocating them because all the opposition that is presented is always based on false information, biased and prejudiced and clearly made by people who never used the browser or tried to understand the value proposition.

There are tons of things to criticize about Brave (their "partnerships" with Binance and Solana, their complete lack of interest in making BAT an actual currency for payments online, them completely losing the train of decentralized social media) but none of that ever comes up from the detractors, only this kind of bullshit like the one you bring up.

[0]: https://stackdiary.com/brave-selling-copyrighted-data-for-ai...

I'm just going to quote the updated, follow up article:

The Brave Search API does not respect the site's licensing, and Brave is under the assumption that 1) because they are a search engine and 2) because they attribute the URI of data - this puts them in the clear to scrape and resell data word-for-word.

Brave steals data and resells it, and is not to be considered a trustworthy entity.

The article went from "selling personal data to AI companies" to "selling results in the API search with a longer summary than Google which might be a violation of fair use policy", and yet you still don't want to back down.

Aside from what ethbr0 said, which I agree, that you're blaming the victim, I want to address the "learned helplessness" idea.

I heard recently that's actually wrong. We are born helpless, and learning to take control. The helplessness is innate, and we learn to overcome it.

In democracy, the innate helplessness of citizens is overcome by learning to participate in governance - activism, elections, public functions and so on.

The people who say "government does nothing good ever" are the ones who want to keep people in their natural helpless state. It's like telling a student, "you're doing it all wrong and can never be good".

You are definitely not born helpless. Babies keep screaming until they get what they want. They also tirelessly try to master mobility. Learned helplessness would mean they wouldn't even try crying or moving.

I think you're arguing beside my point, I am referring to psychological concept of "learned helplessness", and how is that wrong. That concept doesn't imply that helpless people fall into a total coma, it just means that they don't attempt certain things.

Speaking from experience, babies and toddlers will attempt to do absolutely everything, including flying (which will fail) and using smartphones (where they succeed remarkably).

Learned helplessness can by definition manifest only after you have tried something and failed. Hence you cannot have learned helplessness after being born, because you had no opportunity to try anything yet.

Please don’t tell me you’re unironically arguing “learned helplessness” doesn’t exist because you “learned” you’re born “helpless” and the only path to actualizing change as an individual is through the official government sanctioned mechanisms… because if that is your honest argument… wow.

For reference, in my experience, the public works projects that get front page news coverage with tons of anecdotes from locals about how incredibly helpful and long-needed the installation was, are those that were completely unsanctioned.

And the only path to substantial policy change in all of history has always been violent revolution.

I am not sure what your argument is. I explicitly list activism as one of the options, so I don't claim you have to always go through official channels.

But especially in democracy, you have a lot of opportunities to use official ways to institute change, like being elected or vote.

I also think there is plenty of positive social change that happens non-violently.

I have to admit, for the non-technical folks like not-ourselves, I don't understand why people dont know about such "simple lifehacks" -->

You're knowledge is sound, but rather than condescedingly relegate people to your 'simple' workaround - the ENTIRE premise of cookies and tracking against ones implicit desire to be private, is assinine.

you should care because often this agreement is not about the technical detail of cookies, but allowing the company you are interacting with to share data about you with 3rd parties.

If you think which HTML div element you click on to dismiss a sticky banner has any bearing whatsoever on how your data is handled server-side, I've got a trip to the Titanic in an Oceangate submersible to sell you.

Legally it does, at least if you're in the EU. The only reason websites are slow on the uptake around this is that the legal gears are slow, however we have seen many considerable fines in this space in the last few years and things are improving.

It's also in direct violation of GDPR.

Or just use private window in the browser and then close it.

That assumes that the entity ignoring the law is operating within it to the extent of requiring your consent. GDPR goes much wider than explicitly cookies.