By not setting a cookie until the user does something active when I then tell them (say on “log in” or “add to basket”.

watermelon0 3 hours ago | parent | next [-]

You don't need a cookie banner for authentication/shopping basket cookies, since these are essential.

However, you are still required to provide a list of essential cookies and their usage somewhere on the website.

	▲	phendrenad2 an hour ago \| parent [-]
		This. I don't know why there's a heavy overlap between the "GDPR didn't go far enough" people and not actually reading the GRPR. I'd think they would overlap a lot with people who actually read it.

▲

nonethewiser 4 hours ago | parent | prev [-]

I dont think you actually need a cookie for that, technically. But I take your point.

What about trackers which they want to set immediately on page load? Just separate prompts for each seems worse than 1 condensed view. You might say "but trackers suck - I don't care about supporting a good UX for them" and it would be hard to disagree. But I'm making the point that its not malicious compliance. It would be great if people didn't use trackers but that is the status quo and GDPR didn't make theme illegal. Simply operating as normal plus new GDPR compliance clearly isnt malicious. The reality is cookie banners everywhere was an inevitable consequence of GDPR.