Consent is never "needed". Consent is one of many legal bases that allows for data processing to take place. If other legal bases than consent do not apply, the industry can use "consent" as a get out of jail card. Consent as a legal basis was heavily lobbied by Big Tech.
If even consent does not apply, then the data shall not be processed. That's the end of it.
It's called dark patterns and malicious compliance
.
The annoying banners in particular, were designed by IAB Tech Lab, which is an industry front for adtech/martech companies.
Oncehub removed tracking cookies from some of their meeting invite pages in the EU and stopped showing a banner, because they thought it looked offputting.
They got a few support tickets from people who thought they were still tracking, but just removed the banner.
It's (at least in some cases) malice, not stupidity.
By putting cookie banners everywhere and pretending that they are a requirement of the GDPR, the owners of the websites (or of the tracking systems attached to those websites) (1) provide an opportunity for people to say "yes" to tracking they would almost certainly actually prefer not to happen, and (2) inflict an annoyance on people and blame it on the GDPR.
The result: huge numbers of people think that the GDPR is a stupid law whose main effect is to produce unnecessary cookie banners, and argue against any other legislation that looks like it, and resent the organization responsible for it.
Which reduces the likely future amount of legislation that might get in the way of extracting the maximum in profit by spying on people and selling their personal information to advertisers.
Which is ... not a stupid thing to do, if you are in the business of spying on people and selling their personal information to advertisers.
That's the bit everyone forget. GDPR didn't ask for cookie banners at all. It asked for consent in case consent is needed.
And most of the time consent is not needed since I just can say "no cookies" to many websites and everything is just fine.