[notechback]

The legislation was long overdue. It's a bit more complex than it ought to be but the intentions are just fine. The issue is that there's a huge number of organisations that prefer not to comply or have every intention to make things intrusive and annoying so that people click "accept" to make it go away.

Google inserts many of those banners due to google analytics or ads being used. Their main intention is to gather more user data and make users provide data. This is NOT a 1:1 match with what site owners will want - which is to have users and some basic analytics.

The cookie banners are hostile and intrusive because they are designed to be so. The hope is that users are trained to click 'yes' to get rid of the annoyance.

The GDPR explicitly states that technical cookies are fine, so most sites wouldn't need any banner except for using google analytics & ads. So use a different analytics and you don't need a banner.

It's not the law, it's the implementation and the oligopoly of and companies pushing this implementation.