I cannot write about the policy details or the implementation, for a start I am not involved in either, but the discussions around this particular issue have triggered a couple of thoughts on my part.
The first is the trite observation that this is a reflection of the many local vs. global tensions which the Internet raises. It is almost insulting to compare cookies to democratic liberation movements but they are both the result of local barriers being replaced by global platforms. And in return, local communities seek to raise those barriers in the new global space – be it cookie management or content filtering.
The second thought is that Internet commerce is based on a single point of vulnerability – not security – but identity management. We have struck an implicit and at best slightly understood agreement that we can shop and access services online in return for our interests and our activities being tracked and being sold onto the highest bidder.
The EU cookie proposals challenge that implicit agreement at a local level but what would happen if online tracking suddenly became a global concern? What if the Mozilla work on Do-Not-Track and the Microsoft work on cookie filtering become the norm for all rather than the exception used by just some of us? What if online tracking goes the same way as smoking or wearing fur?
What does the Web, what do business models look like in that world?
Any business model based on a single point of vulnerability is problematic, if that business model drives much of the valuation of the Internet economy then what happens?