The mere existence of regulation is part of the problem. Without precise understanding of the law, you don't know if your use cases are fine/excempted. The safe default assumption is that your site is not compliant with regulations until you can prove otherwise, involving a lawyer.

That regulation would not have come into existence if there were no privacy problems caused by the ones that have to comply to the regulations

Right, and that regulation has a cost. I hope it's worth it.

There were certainly problems.

But the GDPR and ePrivacy directives don't protect us from nefarious cross-site tracking cookies.

Prior to the GDPR, websites just tracked us.

Now they track us AND present an irritating warning that users have learnt to mindlessly "accept"

This is simply not true.

Given you have a law background I can understand your appetite for new and complex regulation, and your desire to defend it.

Legal professionals live in a different world to entrepreneurs - with diametrically opposed priorities.

I have a law background, put am in the startup scene since 7 years as a founder.

Yes it is unnecessarily complex, but as I said: there is so much BS floating around. In reality if you have goodwill and yes invest a little time it is not that hard to be compliant and in praxis if you are not: usually there is the concept of warning before fining, so you do get a second chance.