But equally, you're leaving out the possibility that charities really were clear and honest about what they would like to send and really did provide a genuine choice, yet would fall foul of one of the technical requirements under GDPR that wasn't in force at the time. This is probably the case for most if not all of the charities I support myself, so absent evidence to the contrary I have to assume it was widespread practice.

People keep talking about the "spirit of the law", but there's a danger that this becomes a euphemism for "what I wish the law had said, even though it didn't". Usually when people contrast the spirit of the law with the letter of the law, they are making a point about avoiding the obvious purpose of legislation by relying on legal technicalities or subtle implications that most people wouldn't pick up.

In this sort of case, I don't see how it's against even the spirit of previous data protection law if a charity clearly and honestly stated that it would like to send information to donors about how their money was being used, which probably many donors would indeed like to receive, but for example they checked the box by default. There was an explicit provision for businesses to send marketing mail to previous customers or prospects without requiring consent at all, as long as it related to products or services similar to what the recipient had been interested in before and as long as some reasonable requirements about opting out were met, so clearly this isn't some absurd idea just dreamed up by charity fundraisers.