Actually, I believe it explictly includes this idea of consent. For example, they state that when you use a cart system you consent to the cookie because you knew it would be needed.
But my point was more about the basic idea that people know Facebook is data mining them and use it anyways therefore the idea that you haven't opt'd into it is a bit silly. I wasn't talking about the legal point of view.
Consent requires a positive opt-in [0] but there are conditions that permit use of cookies without consent [1]. It seems clear to me that it was written with the intent of excluding advertising cookies while allowing shopping baskets to work even without consent, as you say. Facebook is contesting that its use of cookies falls under the processing is necessary for a contract you have with the individual category, and so doesn't require consent. Of course, if that's the case, the GDPR is truly toothless regarding tracking cookies.
> my point was more about the basic idea that people know Facebook is data mining them and use it anyways therefore the idea that you haven't opt'd into it is a bit silly
Another relevant point here is that we seem to keep focusing on cookies, but that's just a small part of the equation.
It's not directly relevant, but regarding exceptions to the consent requirements of the cookie law, apparently there are two: [0][1]
> - the cookie is for the sole purpose of carrying out the transmission of a communication over an electronic communications network
> - the cookie is strictly necessary to provide an ‘information society service’ (eg a service over the internet) requested by the subscriber or user. Note that it must be essential to fulfil their request – cookies that are helpful or convenient but not essential, or that are only essential for your own purposes, will still require consent.
Unlike the GDPR, there's no necessary for the performance of a contract exemption.
The GDPR quite explicitly rejects the idea that this constitutes consent.