America has already basically imported GDPR because all of the companies building GDPR tools are not going to restrict them to the EU for fear of accidentally blocking a genuine EU citizen.
The cookie pop-ups are not actually the fault of regulators. The intention of the "cookie law" was to prevent tracking of users without their consent (on a much more granular level), but they neglected to include GDPR-style rules disallowing degradation of service. So companies just made all cookies technically opt-in with a single button (but where opting out means you cannot use the website), which defeats the spirit and purpose of the law.
It is my understanding that GDPR will not allow for such simple workarounds by companies to just continue doing what they were doing previously.
