if there's a process, why are dark patterns so prevalent? i might have seen a clear and straightforward choice once or twice; usually, it is hard to find the reject flow and hard to understand whether i am correctly triggering it.
i am sure there are many databases out there which i am marked as having consented it, although i did no such thing. the standard is to make it hard to express your desire to opt out despite the rules requiring entirely the opposite.
Mostly because enforcement has not gotten to them yet - lots of the really bad examples are from non-EU companies, and the priority of the enforcement has been mostly with local businesses, and most of that for all kinds of privacy issues with more real world impact.
E.g. at the launch of GDPR a local major supermarket chain tried to use a bunch of dark patterns for their loyalty card program (mostly offline) process so as to continue their tracking, they were forced to change last year. It's clear that issues like that have a much larger impact on privacy of people than some foreign news website, and that's prioritized accordingly.
For the major multinational social networks, the delays are (intentionally?) caused by the lack of capacity in the Ireland data protection agency, as many of these multinationals have their EU HQ in Ireland because of tax purposes, so all their cases are being handled there and that means that enforcement for them is going to take a long time. But if I look at random local websites today and compare it to what was happening a year ago, the dark patterns are not prevalent anymore. They appear occasionally, but they're really rare now locally.
i am sure there are many databases out there which i am marked as having consented it, although i did no such thing. the standard is to make it hard to express your desire to opt out despite the rules requiring entirely the opposite.