The Do-Not-Track header is a perfect solution to this, but unfortunately the largest browser vendor is also the largest advertising network, so the implementation of DNT devolved into a farce.
I disagree that the "Do-Not-Track header is a perfect solution to this", because it implies that the default (i.e. the header being absent) should allow sites to track you. I (and apparently EU legislators) think opting in to privacy is wrong. You should have privacy by default. If anything, there should be a "Creepily-Track-My-Activity-Over-The-Entire-Internet" header, that, when present, allows tracking.
There also used to be another standard called "P3P" that tried to integrate privacy into browser UIs with a more or less standardized interface and that, too, failed. Among other reasons because companies wanting to track people subverted it.
It has nothing to do with the browser vendor being in the ads industry. It's up to the website operator to respect it. If a website operator doesn't like a browser vendor's DNT defaults, it won't respect it, and that is why DNT failed. Regulatory backing could fix it.
The ePD/GDPR are not about technical barriers for bad actors, but about compliance for good actors. Technical mechanisms like DNT would be a reasonable way to get rid of cookie banners while complying with ePD/GDPR.
