This whole cookie dickover concept is malicious compliance. The goal was: no tracking but ask consent if you must ("who would do this, that would be super annoying"). Except every website decided they'd rather annoy everyone.

Well… Europe do require the accept and deny options to both be equally visible and accessible, see for example this week-old court ruling:

> Administrative Court (BVwG), thereby upholding a decision made by the Austrian Data Protection Authority in 2024. Specifically, the ORF must ensure that the buttons to ‘accept’ or ‘reject’ tracking cookies are designed equally so that visitors are not tricked into agreeing.

https://noyb.eu/en/noyb-success-orfat-must-correct-misleadin...

Yep. Without Europe, we'd have no idea which websites were trying to sell us out to the highest bidder.

GDPR doesn't mandate cookie banners, it says that you simply cannot store irrelevant PII for the sake of it. That's the point of it: to protect the privacy of the public against "data brokers" and other scum. You're welcome.

People seem to have forgotten, but cookie banners were a pest before GDPR. And newsletters and login popovers, those are GDPR?

Europe is why you have CCPA