The cookie law wasn't half as shitty as the lazy ways companies adhere to it. But even that I'll take any day over the time before the cookie law (which, BTW, is much more extensive than just regulating cookies).
If a law results in companies taking actions that annoy and impede hundreds of millions of people in aggregate, there's something wrong with the law. Governments need to consider the actual effects when they write laws, not what the effects would be in an ideal world.
The law doesn't result in the companies taking actions that annoy, that is the decision of the company. Why do you absolve the company of any and all responsibility?
The law causes malicious compliance therefore it's a bad law?
Well, sure. However, quite a lot of the websites aren't actually in compliance in the first place.
For example, this Christmas I had to remind a company that me placing an order was not permission for them to email me a survey asking how good the delivery was — customers aren't a free QA team.
That what appears to what happened with GDPR, it is much more sensible and covers the common "workarounds" of making the reject harder or blocking the site content if you reject
