Which EU law mandates cookie banners?

For the vast majority of cases, it's malicious compliance by websites to make people believe the issue of the banner when the problem is the data collection.

Mostly it is general caution of website owners not wanting to get sued by Saul-Goodman-type lawsuit mills who abuse this - and virtual every - half-baked law that comes out of the EU.

Now, if I was cynical, I would point out that most parliamentarians - regardless on where they sit - have a background in legal professions. I would then suggest that there is a 'make a bad law' -> 'make cash suing over it' pipeline.

But that would be cynical. Instead, I'll end with Tacitus: Corruptissima republica, plurimae leges.

I think OPs point is that even malicious compliance is proof that companies feel they cannot simply ignore EU law.

And did it achieve the desired effect? I don't think so. But it caused banner fatigue and insane amount of cognitive load while not improving privacy for probably +90% of people.

> did it achieve the desired effect?

Desired by whom? At this point the desire of EU legislators is to make sure that EU never gets any chance of success in the tech field. Cookie banners do serve this goal well.

Exactly. So the desired effect was privacy, and it failed at achieving that.

Can't deny it increased transparency,nowadays I consciously visit a website knowing I am tracked by a few thousand add services