AFAIK GDPR does explicitly legislate against all that - dialogues should be "opt-in" and should include a simple "no" option, and that sites shouldn't "ban" you for not clicking "yes".
But unless EU actually starts delivering some hefty fines, the law is just a dead tree.
But if the site relies on cookies and localStorage and cannot work without it, "no" option is equivalent of "ban".
And it's their computer that allows the usage of cookies and localstorage. All modern web browsers has an option to disable them. It's technically stupid.
I think they're saying that a lot of sites use cookies instead of the web storage api to store the option on the dialog, meaning that even if the dialogue are opt-in, they won't work unless the user enables cookies.
Basically a fundamental misunderstanding of the difference between cookies and local storage on the part of the web developers of many sites; i.e. cookies are sent with every request, whereas localstorage isn't and these sites should be storing the option to not use cookies in the localstorage instead of cookies, and I think I'm repeating myself because I haven't had my coffee after taking a nap, but that's neither here nor there or anywhere.
They should, in theory, fine websites that do install cookies before you give consent, or refuse to give sevice that doesn’t strictly require cookies (e.g. an article).
You can definitely put ads without deep profiling. They can even be relevant. Just advertise for fishing accessories in fishing articles. Or hardware load balancers on Slashdot. Why not? Better than serving me whatever someone in my family has looked before (that is if I didn't have an adblocker for the past 10 tears)
Probably most content people read does not easily translate to a product as in your fishing example. Generally, ads with no targeting are not very profitable.
My point was there can be
targeting on content. Magazines have ads. Are they as profitable as privacy invading content ? Maybe not but they're tolerable.
There are ads on HN (the "xyz is hiring", and I suspect a non-zero number of articles posted/promoted to the front page are paid ads made to look like content.
You can gauge user interest by, for example, counting page views. You don't need to fingerprint users, create a catalog of all articles they view, try to guess their interest in certain topics using "AI", and do all the other absurdity that they think they "need" to do now.
AFAIK GDPR does explicitly legislate against all that - dialogues should be "opt-in" and should include a simple "no" option, and that sites shouldn't "ban" you for not clicking "yes".
But unless EU actually starts delivering some hefty fines, the law is just a dead tree.