[sdfhbdf]

No, the user did not consent. They have to be aware of such systems not game it. The intent and the consent have to be clear to both parties. Agreement is about respect not about malice. If an consent is maliciously hidden away, no matter how technically then it's not valid. Law is not binary in these cases, it's all about the circumstance.

[luckylion]

That's what I figure, but how does that work for e.g. Cookie Consent? The user has a plugin that just clicks "Accept" on the consent overlay. They don't read the consent, they're not aware of what they consent to specifically.

Is their (or their plugin's, acting as their agent) consent valid because they know about the general framework (tracking cookies)? And would that consent depend on the overlay not including any surprising terms (e.g. "you're also buying a washing machine", "you're also allowing us to mine crypto in your browser" or "we may also use browser finger printing, not just cookies")?