I wonder to which extend the GDPR EU Law will have an impact on tracking cookies ?<p>(Could we prove that a cookie can actually contains personal data, let's say, if the same cookie is spread among enough websites and track everything you do ?)
The bigger impact on cookies in general will have the ePrivacy regulation [1], but it is not yet finalized.<p>For example, the proposal clarifies that no consent is needed for non-privacy intrusive cookies improving internet experience (e.g. to remember shopping cart history) or cookies used by a website to count the number of visitors.<p>[1] <a href="https://ec.europa.eu/digital-single-market/en/news/proposal-regulation-privacy-and-electronic-communications" rel="nofollow">https://ec.europa.eu/digital-single-market/en/news/proposal-...</a>
Setting aside GDPR - Setting a 3rd Party cookie already fails in enough situations (Safari) that if you really wanted to trace a user cross several site, you'd require a different solution anyway.