[jeroenhd]

The cookie banner is an implementation choice. Companies can already accept the DNT header to stop tracking. I believe Medium does this, it even replaces embeds with click through elements so external scripts can't track you.

However, choosing to respect the users' wishes isn't very profitable. You need to make your ads relevant to the content somehow andtthat requires effort and skills. It's much more profitable to trick people into consenting with tracking so you can sell their information, so the more annoying your cookie popup becomes, the more money you can make. IAB has already been fined for such a popup mechanism.

"Do not track" is not enough to comply with GDPR because you must also be able to request a copy or corrections of your personal information once you have given consent. Then there's the option to allow some companies to track you (say, analytics companies) but not others (say, Google) that needs to be taken into account.

Back in the day, Microsoft's P3P protocol was trying to fix this problem, but nobody used it. DNT headers also aren't really configurable in the browser itself, you can only pick on or off.

A protocol is being developed that may solve this (https://www.dataprotectioncontrol.org/) but I'm sure it won't work until the EU forces company to take such protocols into account. After all, ignoring people's wishes is literally how these ad empires are making money now.