I do support this stance, but depending on your setup, there are gotchas website operators should be aware of. I see CDNs as a major hidden aspect: for the government, it looks like you're tracking people, even if you're not. So you'll need to host those JS and CSS frameworks on your own server, which I think is not that much of a problem, just something to be aware of.
However, the next issue is using Cloudflare or similar front ends. For example, I use their free tier on most of my websites. These reverse proxying services / DDOS mitigators / TLS terminators tend to set identifying cookies which website operators have little to no control over.
My point is that the web ecosystem contains lots of integration points that could lead to operators being liable in the eyes of the law, even if they're not actively tracking their users themselves - the services they use, do.
are you liable for third party's using your site for tracking? If you're not using cookies yourself, but you accidentally or otherwise include resources from third parties that are used for tracking, do you still have to display the cookie notice?
I think so, yes. For example, if you're including a Facebook button, that counts. So including JS from a CDN would also have to count. And when you're using a reverse proxy, I think it's not distinguishable anymore whether it's you personally collecting user behavior of whether it's Cloudflare doing it on your "behalf".
However, the next issue is using Cloudflare or similar front ends. For example, I use their free tier on most of my websites. These reverse proxying services / DDOS mitigators / TLS terminators tend to set identifying cookies which website operators have little to no control over.
My point is that the web ecosystem contains lots of integration points that could lead to operators being liable in the eyes of the law, even if they're not actively tracking their users themselves - the services they use, do.