The cookie banners were never mandated by GDPR, that's entirely the industry's fault and intent - dark UX patterns to try and annoy the user into agreeing, or a silent protest to the perceived overbearing nature of the GDPR.
They could've just respected a browser's do-not-track header but chose not to. The EU legislators should've done that too, that is, dictate a standardized method for people to opt in.
Or.. god forbid.. not track users?! I know this isn't viable for many businesses, but back then I just removed Google Analytics and all cookies from my sites, so no cookie banners needed.
Oh I agree. I'm just saying, either way that discussion goes, it just's not even the same order of severity magnitude as a corrupt authoritarian takeover.
Could you explain why the state railway of the Federal Republic of Germany uses dark UX patterns to annoy the user into agreeing or silently protests the perceived overbearing nature of the GDPR?
Btw, I can dig up 3 dozen of other state institutions with cookie banners, if you so wish?
They could've just respected a browser's do-not-track header but chose not to. The EU legislators should've done that too, that is, dictate a standardized method for people to opt in.