If they're doing that after you clicked Deny, the government can come down hard on them. Sadly, only the government - individuals can't sue companies for GDPR violations.
Legitimate interest checkboxes are technically not asking for consent, they are considered informational. OneTrust popups are especially inflammatory in this regard.
Let’s team up the pissed off individuals and raid-sue one of the obviously abusing. One is nothing, but that could at least make more visibility of the borderline legality. And at best we win and go to the next one.
