The EU does not want to say how it has to be done. It's a bad idea to put something into law because changing the law is incredibly slow. They only do that when the market failed over a long time.
See smartphone connectors where they will demand USB-C soon. When the news hit HN quite a few people were calling EU anti innovation.
> The EU does not want to say how it has to be done.
This is a massive loophole that the likes of Google can drive a coach and horses though. Doing it per website means that in practice 99% of web uses just press the "accept cookies" button without thinking.
Of course, demanding a specific format is the definition of being anti-innovation.
Same with peddling with the web. They ruined the browsing experience for everyone and they're messing up with the market model of allowing people to sell their activity information in exchange for free stuff online.
The advertising model is what made the web possible. The more restrictions you apply to how websites finance themselves the more you constrain the web to be built by big actors with money and stifle innovation.
It was actually refused by ad & publisher networks. They really wanted the capacity to "convince" the user that their tracking is very special and good for them.
> By forcing every website to implement the same functionality for cookie prompts.
Can you expand on that? If you mean the GDPR, my reading is that it is unlawful to collect identifiable user data without informed consent. If a website does not collect data, then no problem. If a website wants to collect data, it must ask permission and give control to the user over the data. How the website implements this is not mandated.
They are legally enforcing the reinventing of the wheel.
It could have been done at browser level, which would have been a relatively negligible cost of compliance.