The GDPR makes it opt-in, and this behavior is absolutely in breach of it.
Two problems:
* there's a lot of misinformation around the GDPR even in the tech community
* some of this misinformation is most likely distributed intentionally, either to derail the GDPR itself or to continue profiting off nefarious things (marketing, etc) while pretending to comply and getting business via that (the majority of "GDPR compliance solutions" are absolutely not compliant, and yet companies pay for them)
* some GDPR criticism is clearly in bad faith by vested interests who currently make a lot of money from breaching it (including on this community)
* the regulators have been absolutely incompetent or unwilling to enforce it.
This would absolutely not comply with the GDPR. Under the GDPR, consent for non-essential data processing purposes should be granular, so people should be able to opt in selectively.
Two problems:
* there's a lot of misinformation around the GDPR even in the tech community
* some of this misinformation is most likely distributed intentionally, either to derail the GDPR itself or to continue profiting off nefarious things (marketing, etc) while pretending to comply and getting business via that (the majority of "GDPR compliance solutions" are absolutely not compliant, and yet companies pay for them)
* some GDPR criticism is clearly in bad faith by vested interests who currently make a lot of money from breaching it (including on this community)
* the regulators have been absolutely incompetent or unwilling to enforce it.