And yet, before GDPR, when all of this was happening, those sites still saw increase in visitors and still made money, because people learned to ignore the ads since the design of the core website was pretty good and ads were not obtrusive to user experience.

And yet, before the FDA was allowed to regulate baby food, baby food producers in the US saw increase in buyers and still made money with their product with arsonic and lead content above dangerous threeshold for adults.

Those new regulation will probably increase the price of baby food, and people obvisouly didn't care about the heavy metal content, so why regulate at all?

"Hey, people used to put up with that shit" isn't exactly a winning argument.

No the winning argument is that GDPR does nothing to protect the people, therefore its pointless.

I'd say "way before GDPR" we had a local maximum with the initial AdWords experience, where those ads were pretty unobtrusive and there was limited .js spam

"They still made money" sure, on top of externalities.

And now they realize, with some help from Apple and Chrome that this business model has a limit