I wonder - why didn't the the EU put the burden on user agents a.k.a. web browsers to handle the cookie notices? When I visit a site, before saving any cookies, have my user agent ask me if I want to allow cookies for that site. Could have a default "no cookies" option with a whitelist, or default "yes" with a blacklist. It would have been so much easier, with a far more consistent UX, wouldn't it have? Now we have to put up with 1,000 different flavors of invasive banners, popups, "necessary cookies", etc.
The EU doesn't tend to require specific implementations - the banners aren't a required implementation, either. It's just what the advertisers thought works best to get their desired outcome.
There was the DNT header. Few sites acknowledge it (and thanks to those who do!), and when Microsoft went against spec by setting it default-on in their browser, advertisers whined that they can't see informed consent anymore and just shut down the whole initiative. Note: Microsoft is also in the advertising business, so if you're into that, that might be another angle for your favorite conspiracy theories.
Finally, there's consent-o-matic, available as browser extension for various browsers, and it lets you state your preferences. https://consentomatic.au.dk/
Would it have been better to integrate that into browsers properly? Sure. But the social and economical dynamics being what they are, this is probably the best we can get.
Technically they can ignore the users’ choices on cookie consent as well though. In fact, I would be curious just how many websites honor a user’s selection, and how many of them are just smoke and mirrors by having a consent modal that has zero subsequent value.
