GDPR does not require cookie banner at all for this use case. GDPR is not about cookie banners at all. It is about consent of using personal or identifiable information. It is about safely processing data and not collection personal information that you were not permitted to have. This gets tricky as IP is recognized as private information in EU. This can be solved by telling GA to not collect it.
Google Analytics does not require you to post cookie banner, but you have to inform user on your privacy policy page that you are tracking their "anonymous" activity. How much it is anonymous knows only Google. Source: https://marketingplatform.google.com/about/analytics/terms/u... section "7. Privacy"
What requires consent banner is Google Ads! Google is through you creating unique profile for each visitor that makes him identifiable. This is in direct conflict of GDPR that prohibits such behavior without explicit consent. So mere "We are storing cookies. > Accept <" is actually also in direct conflict with GDPR as you are lying or hiding this information from the user.
I am also not lawyer, but I was involved in implementation of this for e-commerce.
This is not a reasonable assumption and once it's throw out it becomes clear this boy was endangering others as well as himself by doing something ill-advised and unplanned.
― Albert Einstein