Colleges can collect ACT/SAT scores, high school grades, recommendations, and essays. We've seen grade inflation over the past few decades where students can all easily get A's regardless of whether they actually deserve them or not. Students can easily cheat on recommendations and essays. The only objective measure of a student that's not easily cheated are the ACT or SAT. Removing those requirements means that universities have exposed themselves to students interested in cheating their way into college. The result are universities accepting a group of mediocre students who can't do the work and denying good students who can do the work and refuse to cheat.

"It's my estimation that every man ever got a statue made of him was one kind of a son of a bitch or another." --Malcolm Reynolds

(Ironically applies well to Joss Whedon himself. Kind of wonder if one of the show writers was thinking about Joss when they wrote that...)

The only single-source point of failure is me.

Untrue. This derives from the GDPR and the GDPR requires informed consent for storage and processing of any PII. Cookies are not in the GDPR at all. They may be in directives, but only as examples.

Well, if you do not want basic human rights, that is, surprise!, a freedom you do not have. You get them even if you are dumb enough to not want them. For example, you cannot consent to be killed outside of very limited circumstances. And that is a good thing.

Newsflash: The "bureaucrats" did not chose any implementation. The GDPR does not mention any specific tech. There are no laws or regulations requiring any specific technology or implementation.

This is 100% on the web-tech industry which chose to select the most annoying implementation they could. They were in no way forced to do that. All that is required is that any form pf PII can only be stored and processed with informed consent and that behavior data is PII. And that is it. For most sides, they could have chosen to just not track users.

That is incorrect. These rules apply to anybody that does business with EU citizens or stores or processes data of EU citizens, even if that happens outside of the EU. Sure, if its is >99% non-EU citizens and just the occasional EU citizen in there and all business is in all aspects done outside of the EU and you never plan to ever do business in the EU, complaints will not be successful. But as soon as, say, an EU citizen can sign on to your website from the EU, you are affected.

What a load if insightless nonsense. The basis of all this happens to be Human Rights. That the EU does not (unlike the US) ignore those is a good thing.

No. The EU did nothing of the sort. The GDPR only (!) states that behavior data is PII and that storing and processing of PII requires informed consent. Period. The current mess is 100% on the web-tech makers. Specific technologies (like cookies) are not even mentioned in the GDPR. They can show up in legal decisions as to whether a specific technology fulfills the GDPR requirements, but that is it. The EU has made zero specific tech requirements.

The proposed changes are simply allowing more generic consent with less information. That is the only change here. And it is a bad change for the users because it removes control from them.

I think Microsoft never gets enough blame for all the crap they do. They basically only do not fuck up things for the user when they overlook something.

You are mistaken. The GDPR does not even mentions cookies or any other specific technology. It merely requires informed consent for any PII storage or processing. The implementation that so annoys you is in 100% on web-tech makers. In other words, the industry failed to find a good solution for following the law. That is not the fault of the law. Good solutions would have been entirely possible. My take is the current solution was selected to try to coerce EU lawmakers.

You really have not looked at the facts, have you? The thing is, the GDPR does not even mention cookies or any other specific tech. It simply states that tracking data for user behavior is PII and storage and processing of PII requires informed consent and must be default-off.

This is really simple: Default-deny is the law. So a browser must be delivered with all site permissions off. Them when a site is visited that wants to track, the user gets asked.

Indeed. And simple things that cannot really be used for tracking are allowed. The GDPR only states that tracking data is PII and PII can only be stored or processed with informed consent. Most session-local cookies are entirely unproblematic. Most site-specific cookies are unproblematic. The problem is 3rd party cookies and long-term persistent cookies.

Gets a bit difficult if you cannot travel to any EU country or any country with an extradition treaty with the EU anymore, does it? But that is only the last step and was never needed so far. The steps before are huge fines and then a prohibition to do any sort of business in the EU that involves any personal data. These habe both happened.