[aenario]

The GDPR is actually pretty simple : "say what you do, do what you say, let the user say no"

The clusterfuck comes from every single ad-based business toeing the line in a giant tug of war between PR, legal & revenue.

If google had simply written : " Hey, we have a tracker on almost every website in the world, which we will use to monitor all your browsing habits and share with [this list of 100 other business]. This tracking pay for the app you are about to use. [Continue Tracking] [No thanks] "

They would be fine (legally, not financially), instead they use some king of weird pop-up with no meaning, and they now have to pay the price.