I mean… The EU could’ve also said ‘no privacy invasive cookies’ instead of ‘cookie Banner if privacy invasive cookies’. I don’t think being able to disable is bad, I think they didn’t go far enough (and also of course datapeople only comply in the most malicious way possible. It’s literally their job, a job that shouldn’t exist.)