Reality is complex and nuanced, so it doesn't make sense to interpret words in the same strict sense as they would be used in formal logic.
GDPR legal bases relate to processing purposes, i.e. goals that shall be achieved via the processing of personal data. The GDPR has principles such as data protection by design and by default and data minimization. These principles tell us that we should only process the minimum data necessary to achieve the purpose, and should use the most privacy-friendly means to do so. The use of the word “necessary” in Art 6(1) GDPR is an expression of these principles, and restricts which means we can use towards these purposes.
The word “necessary” was at the heart of the Munich “Google Fonts” case. A website operator claimed that they had a legitimate interest for embedding fonts from a third party server (Google) on their website. The court did not even consider whether that legitimate interest was valid. Because even if it was valid, there would be the question whether embedding fonts from a third party server was necessary to achieve those interests. The court found that this was not necessary, as there would be more privacy-friendly means to achieve the same interest, namely self-hosting the fonts.
The word “necessary” also appears in the context of the ePrivacy Directive, which regulates the use of client-side storage such as cookies. The default is that accessing or storing information on a client-side device requires GDPR-consent. However, there is an exception, in case that access or storage is strictly necessary to provide a service that was explicitly requested by the user. Here, the words such as “strictly”, “necessary”, and “explicitly” all help to show that this exception must be interpreted fairly narrowly. The main point of debate in this context is then which services were “requested”, i.e. which services of an app or website are core parts of the offering, and which are optional. This becomes tricky in particular when such client-side storage is strictly necessary for providing the service in a safe and scaleable manner (e.g. cookies for load balancing, bot detection, rate limiting), even though the service could technically work without them. It is thus not always possible to draw a bright line, though regulatory guidance has made some aspects perfectly clear. For example, ads are never strictly necessary for providing a service in the sense of the ePrivacy Directive, even though they might be necessary for a website's business model. Whether cookies are necessary must always be considered from the perspective of the user.
A note on word choice in EU law:
Drafting EU laws is a linguistically challenging process because the law must be translated into all member state's languages, and all of these versions are the authoritative document. Thus, they must express the exact same meaning. It is more preferable that the different versions are aligned in word choice and sentence structure, than making sure that the English version has elegant prose. Also, laws tend to use a formal and neutral linguistic register.
Words like “necessary” or “required” are useful here, given their plain meaning with few distracting connotations. Also, “necessary” has exactly equivalent words in Romance languages.
The word “essential” is more complicated. It is more difficult to find exact equivalents in other languages. It has potentially distracting metaphysical and biochemical connotations. While it is also used in formal writing, it has a more argumentative tone there, similar to “imperative”. For example, a business memo might use emotive language like “It is essential that we achieve our KPIs for this quarter”, where the word carries more emphasis than the more neutral “necessary”. That linguistic register would be inappropriate for laws.
The GDPR and ePrivacy directive do use the word “essential”, but the GDPR only uses it in the recitals (which argue why the law is necessary), and the ePrivacy Directive uses it in the sense of “relating to core aspects”. The GDPR also uses the word “essence” in three articles, where it is used in the “central aspects” sense. For example Art 23 GDPR contains both relevant words which perhaps highlights their not-quite-interchangeability:
Union or Member State law […] may restrict [data subject rights], when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary and proportionate measure in a democratic society […]
Of course, the phrase “necessary in a democratic society” is borrowed from the ECHR and has substantial amounts of case law around it.