Sites were supposed to stop using a shotgun method of grabbing all data they can, sharing it with everyone that will take it, and hoping something will stick. They were supposed to take responsibility for data they collect and share.
But instead of changing anything, sites went for the laziest workaround (which apparently isn't even legal), so that they could ignore the legislation and keep business as usual.
Sites were supposed to stop using a shotgun method of grabbing all data they can, sharing it with everyone that will take it, and hoping something will stick. They were supposed to take responsibility for data they collect and share.
But instead of changing anything, sites went for the laziest workaround (which apparently isn't even legal), so that they could ignore the legislation and keep business as usual.