GDPR is the dumbest recent law I can think of. Even if a website has no intent to track users, it's way too hard (aka expensive) to tell if you're compliant without slapping on a banner.
The only dumb thing about the GDPR are hot takes like yours.
It's pretty easy to not needlessly track and accumulate data about your users. It's harder when your users are not your customers but a product you are trying to sell to third-parties but discouraging that is a good thing.
> it's way too hard (aka expensive) to tell if you're compliant
How hard is it to figure out whether you place cookies on other people's computers or you don't? Even if you can't read your own source code, you could simply install a new browser, visit your website, and then check the cookies on that browser. I don't think it's GDPR that is dumb.
Cookies alone don't make you non-compliant, it's what you (or anything embedded on your site) do with them. You can also be non-compliant without cookies, but that's not fixable with a banner.
And the EU doesn't jump straight to the maximum penalty and gives you plenty of warnings to sort it out if you accidentally don't comply in a subtle way. If it's noncompliant in a subtle way that doesn't actually cause a problem they certain won't even notice.
Look how blatantly Apple ignored the DMA and how long it's taken the EU to pursue real enforcement action. It seems clear: there is no need to *fear* EU penalties unless you are dead set on noncompliance. Honest mistakes don't bring down businesses due to GDPR.
If this isn't a written policy, it's not a good enough guarantee. If you're only judging based on Apple: Just because it takes long to be penalized doesn't mean you won't be, and Apple has a lot more legal resources than most companies.
Nothing is a good enough guarantee. They don't exist. The perfect is the enemy of the good. Stop looking for guarantees that don't exist, and start doing business with fuzzy logic - successful businessmen know they are constantly testing the boundaries of the rules. A negative result (this thing isn't allowed) from a test isn't a failure, if you do it right - it's just a negative result. Apple is on the path to severe penalties because they were repeatedly told something wasn't allowed and then kept doing it, even going so far as to do it in ways that seen to be mocking the decision.
