This whole cookie dickover concept is malicious compliance. The goal was: no tracking but ask consent if you must ("who would do this, that would be super annoying"). Except every website decided they'd rather annoy everyone.
Right the intention was to stop unchecked surveillance capitalism, now they use the normalcy of annoyance to wear you down such that you auto accept terms that you probably wouldn’t agree to if you read them. That’s what they want now.
This and other bad behavior will only go away when government says, “no this is predatory and you can’t do it” instead of saying “everything is OK if the user consents to it”.
Well… Europe do require the accept and deny options to both be equally visible and accessible, see for example this week-old court ruling:
> Administrative Court (BVwG), thereby upholding a decision made by the Austrian Data Protection Authority in 2024. Specifically, the ORF must ensure that the buttons to ‘accept’ or ‘reject’ tracking cookies are designed equally so that visitors are not tricked into agreeing.
GDPR doesn't mandate cookie banners, it says that you simply cannot store irrelevant PII for the sake of it. That's the point of it: to protect the privacy of the public against "data brokers" and other scum. You're welcome.
People seem to have forgotten, but cookie banners were a pest before GDPR. And newsletters and login popovers, those are GDPR?