We'd likely need to have this feature on a "per site" basis and "overall" basis. By default the feature is "managed overall" but could be changed to configure it on a "per site" basis. Then we would use the measurable settings.

The custom tracker.js that ensures cookies cannot be enabled can only be added when the setting is disabled overall. This can be achieved using the 'CustomJsTracker.shouldAddTrackerFile' event like this:

    public function shouldAddTrackerFile(&$shouldAdd, $pluginName)
    {
        if ($pluginName === 'PrivacyManager') {

            $config = new Settings();
            $shouldAdd = !$config->hasCookiesDisabledGlobally();

        }
    }

We would also want to add an "Informational" diagnostic check for this eg in ConfigInformational() so if someone reports a problem then we know how this setting is configured and it will be easier to troubleshoot issues where people say "cookies" aren't working or so.

Not sure how it can be printed in the diagnostic check though when it is configured on a per site basis. Maybe then we can't show it since there could be many sites. Maybe we'd then rather show a summary: Number of sites having cookies disabled enforced: X, number of sites having cookies disabled not enforced: Y

@tsteur I've already implemented #16259 with new SystemSettings / MeasurableSettings classes, and here is another feature that should be available on a global and per site base. I'm wondering if it might maybe make sense to introduce a new class structure for that. E.g. each plugin could define Feature classes, that holds information about a feature that should be possible to enable/disable (similar to the reports or widgets). Based on the definition that feature would automatically be added as SystemSetting and/or as MeasureableSetting. Everywhere else in the code where it's required to check for that feature we could have a simple Feature::isEnabled($idSite).
What do you think about that idea? Haven't fully thought that through yet, but wanted to hear your opinion before spending more time on that or maybe even start implementing that.
Having everything as Settings would be fine as well I guess...

Generally it sounds good but thinking we might not have enough time before the release to do this. Also would need to think this through a bit more as it might not only be enabled/disabled but also other settings/configurations etc. So far it's not too difficult to implement the case where we have a global flag plus a measurable flag so probably won't need it for now. As we move more and more features and configurations to also allow being site specific this will be definitely something to look at eventually.