I'll also point out that vast swathes of cookies do not require a cookie popup, according to the European Commission's internal guidance; specifically, for their own websites, they believe that "cookies used for the sole purpose of carrying out the transmission of a communication" and "cookies that are strictly necessary in order for the provider of an information society service explicitly required by the user to provide that service" do not require a cookie popup. So, for example, CSRF cookies, login cookies, and so on and so forth do not require a cookie popup.
That is - if you're building a website and using the bare minimum cookies you need to make the website function, you don't need a cookie popup. The default here is that you don't need a cookie popup, and when you start tracking users and/or selling their data, you need to comply with ePrivacy and the GDPR.
That is - if you're building a website and using the bare minimum cookies you need to make the website function, you don't need a cookie popup. The default here is that you don't need a cookie popup, and when you start tracking users and/or selling their data, you need to comply with ePrivacy and the GDPR.