It's mostly small and medium sized firms that show the cookie warning out of fear.
That's completely the opposite of what I want as a consumer as well as a small-time webmaster.
Just to be clear: spiegel.de never shows a cookie warning even if visit with a fresh browser. You can opt out by visiting their privacy page  (in English).
The money and time could have been a lot better spent on international awareness campaigns arming consumers with more privacy knowledge instead of expecting website owners to shoulder the informational burden (because those orgs in aggregate have no core incentive to treat user's privacy as an inherent good).
The GDPR is unlikely to be overturned, and there are plenty in the EU who are eager to enforce it. Just because it's not being enforced right this second doesn't mean the law won't catch up to offenders.
Especially if Margrethe Vestager replaces Jean-Claude Juncker as president of the European Commission, you can expect a ton of action on this front.
the odds of this are essentially zero
she's in a minor EU party and her own country won't put her forward as candidate
But we haven't yet seen it enforced, have we?
the only way that a law like the GDPR that’s purposefully vague and broad can work is to allow plenty of lead time for warnings and fixes before fines
it’s a process; you shouldn’t expect it to change everything overnight
And as a consequence we're going to continue sinking into irrelevance.
>The GDPR is unlikely to be overturned, and there are plenty in the EU who are eager to enforce it.
I think it will be overturned a couple of decades from now, when an economic crisis hits and we find that we've fallen significantly behind other countries due to our fear of technology.
My prediction is that these Cookie shenanigans will be ruled as illegal according to GDPR, and then they will disappear.
Fines are to be handed out by the national data protection agencies. In Germany, the data protection agency regularly goes after violators since the 1990s. They audit German administrations and companies with respect to data protection, and request changes where necessary. See here for yearly reports of one of the state agencies: https://lfd.niedersachsen.de/startseite/allgemein/taetigkeit....
So at least for Germany there is no foundation for your claim.
Which it, surprising no one competent, did.
The law forbids dark patterns, coercing into accepting, delegating opt-outs to third party sites, and requiring collection of more data than is strictly necessary to operate the site.
The results of the legislation -in regard to cookies- are inconsistent, annoying, unevenly enforced, create a moral hazard and two-tier system, and I presume have negative overall utility.
This is why I do not consider the law to have been written with good intentions. The intentions were claimed to be good, but I don't see the lawmakers having had put in the necessary effort to ensure privacy improvement. Nor admit there are shortcomings to the legislation that need either fixing, or perhaps scrapping the legislation. Did they really intent on exerting enough effort to write the legislation well? To shoulder blame if it does not work out? To take the responsibility? Or to shore it up as situation develops?
Right now I perceive the cookie warnings to be merely EU's advertising banners - "Heeey, this is EU taking care of you!" - plastered all around the web just like banner ads used to be plastered all over the web. Morally the same - pompous self promotion, except paid for with legal rubberstamp rather than money.