The EU needs to just ban non-authentication use of cookies and client side marketing data collection altogether. I can't stand those annoying prompts, something out of a hellish carnival.
Good news: prompts that make it easier to accept than decline, or make it confusing or use dark patterns are already illegal and don't actually comply with the GDPR.
Bad news: enforcement is nowhere near enough, so the problem remains. But when/if enforcement does finally pick up, this problem will be resolved.
