The point is whether or not "shopping cart" cookies are "essential". I argue that there is nothing about them that qualifies as essential. The contents of your cart can be kept server-side, which means that using cookies to do it is not essential at all.
Making them part of the "essential" set in cookie banners is a category error. This is an important point, in my opinion, because if we allow websites to get away with saying nonessential cookies are essential, then the more obnoxious cookies people widely object to will just be counted as "essential" to evade people's preferences.
Websites seem strongly predisposed to pulling the wool over user's eyes whenever they think they can get away with it, so this category problem is not without meaning.
"Cookies" is just a colloquial way of talking about this tracking. What actually matters legally is what you are tracking, not how you implement it. It is completely irrelevant whether your shopping cart uses cookies or not.
That is completely false unless you are talking about the pre-GDPR e-privacy directive.
GDPR only uses the word cookies once and it comes immediately after the phrase "such as", i.e. it's a non-exhaustive list of examples of ways that you could track someone.
> The contents of your cart can be kept server-side, which means that using cookies to do it is not essential at all.
The sane way to keep the cart contents server-side still involves a cookie on the client.
It's possible to do it in a glitchy way server-side-only, but if that makes a cookie stop being essential then by that definition there's no such thing as an essential cookie.
For a shopping cart you need link the visitor to their cart in your database. The cart doesn’t need a cookie and these identification is not what is meant by tracking
