On that of that, a lot of websites do not allow the user to use the website if they do not give consent to allow the non-functional cookies. Which is against the GDPR.
I heard a talk by Ulrich Kelber, the German federal data protection officer, two months ago. He admitted that it does not make much sense right now to encourage more people to report GDPR violations. As it stands, data protection agencies are already drowning in reports and most of them are horrendously underfunded. (Especially in EU countries that are not Germany. Germany has had strong data protection laws for a long time, so the staffing situation in our data protection agencies is slightly better.)
