Maybe read the law? That's exactly what it says. Obnoxious cookie banners are and have been illegal from day one. Denying usage of your personal data must be as simple as accepting it.
I admit it took much too long for the courts to effectively rule against the companies doing obnoxious cookie banners and even then it's hard because a lot of the companies doing such crap are outside of jurisdiction and hard to get.
On top only after that shit has been around a few years (and yes you'll have a relevant amount of court decisions only after 10 years or so) rules become clearer as there have been a number of cases - and guess what, the companies doing the obnoxious banners lose those cases.
But still a lot of them do it. Why? Because the fines are relatively low. They can get away with it, especially when they get on a standpoint oopsie we didn't know.
Now one thing that hasn't been in court is a model "pay a membership fee or we'll use your data". This is what Meta does, they demand a crazy fee (I think something like 35 Euro per month per person) or they'll use your data. Btw there's no cookie banner on Insta/Facebook etc. (because cookie banners are not required by law) - Meta just asks that I decide whether I pay or they can use my data (from time to time)
But still also the pay or be sold model is widely believed to be illegal under GDPR, but that will only get clear until one successfully (or unsuccessfully) has a court case against a high profile target like Meta or one of the big newspapers in EU which all use the same idea by putting up paywalls with an "allow tracking, then it's free" option.
I've been professionally doing this shit for quite some time now, building solutions to get consent from customers without cookie banners. For EU car makers, btw - and believe me, they don't like it any more than you do. If they could they would love to analyze every bit of tracking data they could get, your driving habits, where you go etc. Cars are smartphones on wheels nowadays. The only reason you don`t have obnoxious cookie banners when you start up your car? Obnoxious cookie banners are illegal - AND car producers are easier to catch in court than a media company on the other side of the globe.
For fucks sake the cookie banners are not required be EU law. I'll never understand why people can't understand this.
The law just says you can't use my personal data without consent and the cookie banners is what the industry does to work around that. Even more fun fact, most of these banners are outright illegal.
They are neither market propection nor regulatory muscle flexing, people over here just DO NOT WANT US and China style "All your data are belong to us" live without privacy.
War in den 70ern und 80ern ein erfolgreicher Scam: Todesanzeigen durchgehen und den Witwen Rechnungen für Pornos schicken. (auf den Namen des Verstorbenen)
Nicht zu hoch, damit die lieber aus Scham bezahlen.
Oder Briefe, die wie Rechnungen aussehen (Aber Aufträge für irgendwelche nichts bringende Scheisse sind, z. B. "Branchenbuch") an Firmen schicken.
Tatsächlich eine Signatur, oder eben z. B. eine Rechnungseinsicht auf der Webseite des Anbieters. Oder zumindest ein PDF Passwort, das man sich auf anderem Wege abholen muss.
Wir haben ja in DE auch schon mal versucht "sichere Mail" zu etablieren (DE-Mail), da waren aber die Rahmenbedingungen echt so hirnrissig. (Keine Notification über klassische Mail, wenn ich mich recht entsinne, war ein DE Mail Postfach aber genug für eine offizielle Zustellung - d. h. wenn Du da nicht jede Woche geguckt hast, hättest Du rechtliche Fristen verpassen können, weil ne Mail dahin ja zählt wie ein Einschreiben.)
Das Problem mit solchen Sachen wird (da die Echtzeitüberweisung häufiger wird) in Zukunft auch noch größer werden.
Vielleicht wäre ein Bankprodukt sinnvoll, mit dem ich an einen verifizierten Empfänger überwiesen kann. Wäre jedenfalls eine hilfreiches Ding. Ggf. gegen Gebühr, aber dann incl. Versicherung
Email ist, war und wird niemals ein sicheres Übertragungsmedium sein. Ich kann Mail anfangen und ändern, wenn ich beim Provider sitze, ich kann sie abfangen und ändern wenn ich nen anderen MX konfiguriere für dein Kleinunternehmen (weil ich irgendwann an Deine credentials gekommen bin für Deine DNS settings) usw usw.
Aus diesem Grund darf ich z. B. auch in meinem Job keine personenbezogenen und keine Kundendaten per Mail schicken, wenn die Mail nicht verschlüsselt ist.
Am Rande, weil jetzt jemand gesagt hat in einem der Kommentare - dann will der Firmenchef bestimmt wieder faxen - Nein, auch Fax ist kein gerichtssicheres Verfahren. Ausser, du kannst sicherstellen, dass am anderen Ende ein manipulationssicheres Gerät steht (und nicht z. B. ein Fax to Mail Gateway)
Maybe read the law? That's exactly what it says. Obnoxious cookie banners are and have been illegal from day one. Denying usage of your personal data must be as simple as accepting it.
I admit it took much too long for the courts to effectively rule against the companies doing obnoxious cookie banners and even then it's hard because a lot of the companies doing such crap are outside of jurisdiction and hard to get.
On top only after that shit has been around a few years (and yes you'll have a relevant amount of court decisions only after 10 years or so) rules become clearer as there have been a number of cases - and guess what, the companies doing the obnoxious banners lose those cases.
But still a lot of them do it. Why? Because the fines are relatively low. They can get away with it, especially when they get on a standpoint oopsie we didn't know.
Now one thing that hasn't been in court is a model "pay a membership fee or we'll use your data". This is what Meta does, they demand a crazy fee (I think something like 35 Euro per month per person) or they'll use your data. Btw there's no cookie banner on Insta/Facebook etc. (because cookie banners are not required by law) - Meta just asks that I decide whether I pay or they can use my data (from time to time)
But still also the pay or be sold model is widely believed to be illegal under GDPR, but that will only get clear until one successfully (or unsuccessfully) has a court case against a high profile target like Meta or one of the big newspapers in EU which all use the same idea by putting up paywalls with an "allow tracking, then it's free" option.
I've been professionally doing this shit for quite some time now, building solutions to get consent from customers without cookie banners. For EU car makers, btw - and believe me, they don't like it any more than you do. If they could they would love to analyze every bit of tracking data they could get, your driving habits, where you go etc. Cars are smartphones on wheels nowadays. The only reason you don`t have obnoxious cookie banners when you start up your car? Obnoxious cookie banners are illegal - AND car producers are easier to catch in court than a media company on the other side of the globe.