Well, at that point, all semblance of reality would have been lost anyway. It seems highly unlikely that any businesses, even huge ones that have data-hoarding business models, are going to start itemising opt-in consents in their sign-up process rather than just having a compliant privacy policy and a single active consent to processing under it.
Unless they really want to play chicken over something that is clearly an unreasonable interpretation of the rules, I doubt it.
Using the GDPR to go after one big player that seriously screwed up is one thing. I certainly wouldn't be comfortable if I held Facebook stock right now.
But going after all the big players, just for not complying with something that is probably impractical for any of them to comply with, is something else entirely. How long do you think public sentiment is going to support government regulators and the GDPR if the likes of Facebook, Google Mail, WhatsApp, Instagram and SnapChat all go dark across the EU for an hour, or a day, or a week?
There's nothing unreasonable about it, it's the plain reading of Article 7 (2).
Regarding the big sites, I don't see how is that relevant to your initial point about whether "every site" will have mandatory checkboxes, and so I'll let someone else read the magic 8 ball.
