Note that this doesn't disallow websites with first party data and user consent to add user related information to the bid requests to increase their value, it just doesn't allow to correlate the information with a person after the RTB process ends. Of course it totally changes the role of data providers in the current ecosystem, but that wouldn't necessarily be a bad thing.
I believe this is intentional on part of the EU.
The American companies are simply bigger target and have the attention of more people, so their reported more quickly.
Name and shame. List the EU companies that are shitting on user privacy the way Google, Twitter, and Facebook currently are.
If a page on some website is about cars, then you sell that page as being about cars to the advertisers. At no point would you care about the user, just the assumption that a person reading about the latest Toyota might be in the marked for a new car.
Why would users actually provide meaningful consent to having a tracking profile? You need to actually offer something to users. The law essentially says you cannot just start profiling them without their permission.
You could offer users a subscription based ad free browsing experience. User pays 50 euro a year, you take a 10% margin, leaving 45 euro behind to provide the ad free experience. At 164 impressions per day (stretched inference from the article) you bid 0.075 cents per ad space. If an ordinary advertiser bids less then this to show you an ad, then no ad would be shown instead and the content publisher would still get paid. At any time you could cancel your subscription and demand that the profile be deleted. This is just one idea on how you could collect meaningful consent for an ad profile.