Comment by atoav
15 hours ago
Btw. as per EU law (GDPR) website owners are required to aquire informed consent for any kind of client side storage if it contains information that is personal. And it has been ruled that any information that can be used to identify returning users is such.
People think the GDPR is just about cookies, but it is agnostic of the technology used.
Maximum fines: €20 million, or 4% of the company's total worldwide annual turnover of the preceding financial year — whichever is higher.
And informed consent means they need to know what data you collect/store for which purposes and there needs to be an equally easy to select No-Option.
This doesn't really address the issue here. The condition here is that a site might decide that it needs to store (say) a copy of the Red Hat server installation package on each user's local machine (20GB) to facilitate repeat visits.
The stored data is not related to the user at all. The problem is that the website gets to silently write 20GB to the user's disk.