In the world of cookies, there isn't too much room for improvement - websites have to stick by the laws that are set out in the regions they're based. Two of the most important laws that set the instructions on how cookies should be used are the EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA):

1. GDPR places limitations on what businesses and organizations can do with the sensitive personal data that they collect. It’s the strongest attempt to this date to regulate the flow of data within the modern technology age. GDPR provides one consistent data protection framework across all EU countries. It impacts what businesses can do with sensitive Personal Information they collect, and it is enforced with fines for data privacy breaches.
2. CCPA is designed to shield consumers from the most aggressive forms of data mining operations. If you do any kind of business with residents of California, the CCPA will have a significant effect on how you collect, use, and store consumer data. The law gives a broad definition of what it means to collect information. It can mean information that is freely received, rented, accessed, obtained, gathered, purchased, or derived in any manner.