I went through a similar thing which resulted in me removing cookie warnings from all but one of the websites I manage, yet I still believe that the law is stupid. It's like outlawing guns to solve your murder problem without considering all the other murder weapons all while keeping the act of murder itself legal.
As far as I understand it, the GDPR does everything and more than the cookie law was supposed to, so IMO it's about time we put that disaster behind us.
The directive containing the cookie law (ePrivacy) was indeed being revised in 2017. I haven't heard much about it since though. It Essentially enshrined the Do Not Track header into law and also expanded the rules for privacy etc of sms to internet messeging services. I wonder how much of the information in this thread is about the original directive and how much is about the new one.
As far as I understand it, the GDPR does everything and more than the cookie law was supposed to, so IMO it's about time we put that disaster behind us.