Maybe users should be responsible for what they intentionally run on their machines.

That’s absurd. That’s like saying car owners should be held responsible for how safe their car is to drive. It makes unrealistic assumptions about the competency of the end user to judge such things.

No it’s not. Rather it’s more like drivers should be held responsible for how they drive their car.

I’m not even saying responsible— just they cant reasonably complain when they drive somewhere new and they don’t like the road conditions.

Your original analogy is more like this: If a person's computer got hacked unintentionally, they shouldn’t be responsible for the damage it caused to others.

Nobody in their right mind is going to carefully peruse the cookies and injected JS scripts of every page they visit.

No, the onus is clearly on the developers, who are the ones with the professional responsibility to make software that abides by the laws.

I’m talking at the meta level. The laws can start nationalizing every company. But I think it shouldn’t. The law can put the burden on developers — but shouldn’t.

I shouldn’t have to abide by some stupid rules to plug my server onto the Internet and listen on port 80.

When the law is not enforced, there is no hope.

Clearly the GDPR is being enforced

Your right. The best way is to filter at the firewall level everything Google, Microsoft, Cloudfare, Facebook, Twitter etc. The world would be a better place. Now try to do this on Windows 10 :)

I use NoScript on Google. Works fine. Most things work okay without scripts if you are just there to read.