That's what the GDPR mandates already - the problem is that there's no serious enforcement of it so websites are allowed to get away with non-compliant banners.
Cookies is purely for the previous "ePrivacy Directive" (aka stupid cookie law) but nowadays you must comply with both - and complying with the GDPR will in the vast majority of cases inherently comply with the ePrivacy Directive anyway.
Side question, why does a site need cookies?
This would even help some of my clients. I had a client say "we need to be compliant add a cookie banner" so I did. A week later they call me up in a panic saying their engagement (Google Analytics) had almost completely fallen off and I explained people are probably declining the cookies.