How has the GDPR changed the practices of any company outside of the EU? If you think the GDPR and cookie banners on every website is an argument for more government regulating, is that the argument you really want to be making?
Nearly all large U.S. corporations adhere to the data retention rules and right to delete GDPR rules for EU citizens because they also operate in the EU, and nearly all of them proactively adhere to the GDPR for US citizens just to keep things simpler. Fixating on cookie banners is naive. Here’s just one example: https://www.apple.com/legal/privacy/en-ww/governance/
