For example, IP addresses are not really personal, but including them as such creates layers of ambiguity that undermines other positive aspects of the law. It's the typical outcome of politicians not really knowing the domain they're affecting.
Also what's especially interesting is that CCPA was effectively bankrolled by a single person, which should raise some alarms about political power used by the people.
Arguably, this is one of the reasons why the GDPR was necessary.
Is that even true? If I never consent do I get no cookies left on my browser?
> When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.
This would suggest consent may not be freely given if it was obtained by conditionally providing a service based on consent bring obtained for processing of extraneous data.
Recital 42 adds:
> Consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.
I don't think many users have a genuine free choice on many websites, although admittedly it's now mostly the worst offenders to blame here - the average site probably does have an opt-out now that actually works (!)
Recital 32 also appears to deal with the annoying, interrupting, semi modal nature of prompts we see on ad-laden sites:
> If the data subject’s consent is to be given following a request by electronic means, the request must be clear, concise and not unnecessarily disruptive to the use of the service for which it is provided.
Browsers can be changed, but instead of picking a reasonable well thought through solution the governments crammed a quite horrible solution through. I honestly don't see how that protects the people who are most vulnerable nor anyone else really.
At least for Firefox this is not the case. Anyway, extensions like uMatrix exist.
> the DNT header
The DNT header is yet another way for sites to track you. I am glad it failed.
And clicking decline on cookie banners or your unique combination on the multiple choice cookie disclaimers wont allow sites to track you?
GDPR rectified some of it but added much more granularity which is why cookie popups have now turned into giant selection windows.
Companies built on surveillance capitalism should be shut down. Full stop.
I think whatever problems the cookie laws that got us all the popups are trying to solve would be better solved in conjunction with some technical changes. Like I could say in my browser what sort of cookies I allow - or set up some rules. Sure sites can just break the law and disregard this - but they can do it now anyway by just saving cookies even if I click "don't allow" or "decline" on the dumb popups.
I suppose that, to draw a better analogy with Prop 65, the requirements of Prop 65 did supposedly cause some manufacturing materials, certain dyes, rubbers, foams, and plastics, to be drastically removed from the marketplace. The story of lead alone is worth considering; as usual, lead was in the pipes.  We are not expecting a wave of cookie warnings, and indeed CCPA's language doesn't allow for it. Some businesses will have to alter their practices; some products may have to be withdrawn from the market entirely. The worry that children might get used to clicking through EULAs and giving away their data has already been shown true by the previous generation of Internet users; at this point, we are merely trying to curb the damage continuing to be dealt and done.
And remember: For every ingredient that needs a warning label, that ingredient also can't be dumped into streams or rivers. It's not just about a prettier warning label on the product, but about real improvements to the manufacturing process.
Most people I know would be.
My point is that there's no chance it will happen. Any fallout will be just a new burden to users.
To me, this indicates that the drafters of the law probably didn’t really think it through.