> A flag called DO_NOT_TRACK sounds like a good idea, but also suggests the default is CONSENT_TO_TRACK=1, and I find that creepy.

It could also be used to prevent showing an opt-in notification at all even in software that requires opt-in.

I actually consider such a flag to be problematic. I don't want to give out any information - of course I never want to be tracked, but marking this via an ENV variable alone, already makes zero sense to me. I don't understand people who like that while claiming they do not want to be tracked; if they give that information, then this means they are marked.

Do not track WHEN?

This flag is sent by my browser when I connect to SOMEONE ELSE’s SERVER.

The internet only took off because the primary business model which ran on ads and derivative information that servers do to their users.

It’s not fun. It’s not private or secure. It’s not illegal (in most jurisdictions for most industries). The flag exists as a response to the de facto and de jure state of the world, not some fairytale scenario.