The chief reason is that websites pay for advertising and want to know if the advertising is working and Google tag manager is the way to do that, for Google Ads.
This is not unreasonable! People spend a lot of money on ads and would like to find out if and when they work. But people act like its an unspeakable nebulous crime but this is probably the most common case by miles.
Why should an advertiser have a right to know if their ads work, regardless of privacy considerations. EU brought out a freaking legal framework around this. I can't take seriously how you've over simplified it.
Tracking website ads has become so normalised, it doesn't seem to even cross the minds of web-only marketing people to think: how has this always worked for advertising via TV, radio, billboards, newspapers/magazines, etc?
Website-based advertising is a special case - the only one that makes this tracking possible. Advertisers need to understand the huge advantage they've been given, rather than taking it as a given and thinking they have more of a right to the data, than the user has a right to not provide it.
It feels that way for a lot of privacy concerns. "Telemetry" is the scare word for debug log, core dumps, and stack traces. I think it’s completely reasonable to want those.
This is not unreasonable! People spend a lot of money on ads and would like to find out if and when they work. But people act like its an unspeakable nebulous crime but this is probably the most common case by miles.