[Rechtsstaat]

> every web site had somebody involved who officially or not served as a "voice of the user"

Not really, no. Before GDPR lots of websites also had popups for example asking you to subscribe.

The cookie law introduced lots of annoying popups that were of no use, I agree with that. GDPR at least made it so that you can be sure you have the option to disagree to tracking that way.

Personally, I don't know anyone that would blame developers for 'not having empathy for users' or something similar. The consensus seems to be that the fault lies with the people in charge of a) the website making use of monetization through user tracking and b) the services that allow websites to monetize user tracking.