Hacker News new | past | comments | ask | show | jobs | submit login

What if the EU instead mandated that browser makers have to keep up with, implement, and enable by default the highest levels of tracking protection possible? It would be far easier to enforce that on four or five organizations (half of which already do that) than to try and corral millions of websites into compliance.

GDPR applies to a lot of things that are not mediated by the data subject's web browser. For example, when your grocery store takes your purchase history (from your rewards card) and sells it to a marketing or credit reporting agency. Or when housing or job applications are rejected by error-prone automated background checks. The website stuff may be more visible, but it's not the main thrust of the legislation except insofar as it has exposed how many websites are collecting and trading in your information.

I'm pretty sure the cookies thing predates GDPR

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact