Cookie Banner: The most common mistakes you should avoid
In addition to a privacy policy, the cookie banner on a website is an equally important element of data protection, yet more and more complaints on misleading cookie banners are surfacing to the public.
Looking at the fines imposed in 2022, we are currently in a state where website operators should be very careful when navigating the minefields of data protection. You certainly don’t want to attract attention from data protection authorities or lawyers (remember the Google Fonts wave of fines 🤯?).
That’s exactly why in this article we’ll go over the 5 most common mistakes when using cookie banners, to protect yourself as a website owner from potential fines and at the same time create a better user experience for your customers.
In a hurry? Check out the following links (completely free!) and become GDPR compliant now:
🚀 Create a cookie banner in minutes →
Mistake #1: Your banner does not display clear “Accept” & “Reject” buttons
The first and probably the most common mistake you still see today is the lack of clear “Accept” and “Reject” buttons, which is mandatory for a GDPR compliant cookie banner. According to the GDPR, your website visitors must be able to recognize both the “Disagree” and “Agree” buttons. Note here that both buttons should be equally the same in terms of format.
Remember the headlines in early 2022 when Google announced it was adding the “Disagree All” button to its cookie banners? This was indeed a minimum requirement set by the GDPR for a compliant cookie banner, but also a defining moment, to signify the pressure given by the GDPR watchdogs, especially on larger corporations. And one of those being the CNIL (French Data Protection Authority), which fined Google a total of 150 million euros in January 2022 alone (including YouTube!).
✅ Follow the example below and use consentmanager’s Cookie Banner Generator for your website to make sure your cookie notice displays the “Accept” and “Reject” buttons. Our system also recommends you which cookie banner designs you should avoid.
Mistake #2: Your cookies are not blocked before consent has been given
Another common mistake of many cookie banners is that they do not block cookies before consent has been freely given by the user.
But what does prior blocking mean and how does this mechanism work?
All non-essential cookies must be blocked before the user gives consent. This means that your website should be able to stop the execution of cookies being run on the browser before consent is given. This can be quite a technical task if you usually never manage the content of your website yourself. Therefore, we recommend you to check all active plugins that use cookies in the background. And if you are not sure, a cookie scanner can be of great help. Most services offer this for free these days, and with it you can find all the plugins that are currently active on your website.
✅ After you’ve found out which of your services use cookies, make sure you set up blocking third party codes and cookies. For more detailed instructions o how to add the cookie-blocking mechanism, click here.
Mistake #3: Your users have no way to change or revoke their consent
A major drawback, is if your users have no way to go back and change their settings on the cookie banner if they change their mind. For visual reasons, many website owners neglect this option. Placing a widget on the side of the page may not be very aesthetic. But be assured that this is mandatory according to the GDPR. Your users must always have a way to change their settings at any time, and you must provide them with an easy way to do so.
✅ Make sure that, after accepting or rejecting cookies, the user can recall your cookie banner by simply clicking on a widget found on any screen of your website.
With the consentmanager Cookie Tool your widget can be 100% customized to your website design starting from your logo, banner placement, font and to the smallest detail!
Mistake #4: Your cookie banner is outdated
Having up-to-date policies linked in your cookie banners is a prerequisite for your users to legally exercise their rights. For this reason, you should stay away from compliance tools that only offer one-time-purchased policies. They may be cheaper, but you have to expect that your policies may no longer be current at any given time. In recent years, fundamental privacy laws have changed at least every 6 months and new countries/regions have been added. In this case, you are no longer protected as soon as legislation changes. And as you know, the landscape of data protection is constantly evolving.
✅ Make sure you use a cookie banner generator that will automatically update your policies and, if necessary, the banner in case of a change in legislation. Also, make sure that you comply with the laws in the geographical area of your users and in the region where your company operates.
Mistake #5: You are using Dark Patterns
Dark Patterns, another word for misleading design patterns, is a term coined by Harry Brignull on July 28, 2010, also the one running darkpatterns.org. These practices mislead users into making a decision that they did not initially intend to do. This is done through visual tricks that can emotionally trick the user into making a decision that is disadvantageous to them. In the case of cookie banners, this can take the form of the following:
- Pre-selected checkboxes
- Replacing the “reject” button with a “preferences” button.
- Defining marketing cookies as necessary cookies.
- The color of the “Accept” button is more noticeable than the “Decline” button, making one button more preferred over the other
- No option to reject all cookies, but instead disable individual categories based on legitimate interest
✅ The user must not feel persuaded or pressured to accept cookies. Therefore, make sure that your cookie notice does not contain any optical tricks and that you comply with the GDPR requirements for cookie banners.
Our advice? It’s always better to be safe than sorry and with proper research you can prepare your business well for 2023! With the cookie banner from consentmanager, avoid these common mistakes (and thus fines) and many more that you shouldn’t spend your precious time on.