The purpose of the laws (GDPR et al) is to give me control over who does what with my data, data about me. The operator of the website is who the law binds. It's not even about the website - if I phoned or emailed, the same laws would apply. You need my explicit consent to process my data in a number of ways that you'd like to, it makes you money, but I don't want you to.
The processors of this data can't make as much money off selling access to data about me, if I have these rights. So they petulantly get in my face as much as possible, via banners on websites, to annoy me and confuse me as to why these banners are even there, and try and trick me into letting them make more money.
The banners, which a browser could block or autofill, are just the surface. And they're an attack surface, so even if we agreed a way for the browser to pass on your preferences (we already did this, it's called the Do-Not-Track or DNT header, and it was a complete failure because website-owners just ignored it), website-owners would add a second layer of "ah, I see you said no automatically, but are you REALLY sure you don't want to let me make more money from your data?"
NOYB is very good for chasing after such charlatans, and forcing companies to obey data protection laws. Here is some of their guidance, and listing of the dark patterns used by non-compliant companies: https://noyb.eu/sites/default/files/2024-07/noyb_Cookie_Repo...