I didn't say it’s a mandate. It’s a terrible side effect and a loop hole.
The second part of my comment is about businesses going though GDPR checklists. I did one for my firm. It’s not too bad but if you read the entire GDPR booklet, there are varying levels of adherence to GDPR. Most small businesses check off things but the boots-on-the-ground effects are negligible. On the other hand, you could technically be liable for lawsuit, but what I hear is that GDPR isn’t enforced for small businesses like mine. That’s troubling.
My fear is.. I'm one of the "isn't often" exceptions. I don't use an electric skateboard, or j-walk. I've been fined for both. If there is an edge case for a fine, they will fine me.
In general GDPR are enforced across the board. But there are so many websites and companies that there are no resources to check everyone if a breach is not brought to the attention of the relevant authority.
Between the GDPR and other cookie laws, explicit consent for each specific use is required, as far as I understand. If so, pop-ups are an unavoidable consequence because, again, websites don't really want to ask you they want you to consent (obviously since they rely on this)
The second part of my comment is about businesses going though GDPR checklists. I did one for my firm. It’s not too bad but if you read the entire GDPR booklet, there are varying levels of adherence to GDPR. Most small businesses check off things but the boots-on-the-ground effects are negligible. On the other hand, you could technically be liable for lawsuit, but what I hear is that GDPR isn’t enforced for small businesses like mine. That’s troubling.