Cookie Banners: The Most Common Mistakes to Avoid
In addition to a privacy policy, the cookie banner on a website is an equally important element of general data protection, but complaints about misleading cookie banners are increasing.
With fines in store for 2022, we are currently in a state where website operators should be very cautious when navigating the privacy minefield. You certainly don’t want to attract the attention of data protection authorities or lawyers (remember the Google Fonts warning wave 🤯?).
For this reason, in this article we address the 5 most common mistakes when using cookie banners to protect you as a website operator from possible fines and at the same time optimize the user experience for your customers.
If you are in a hurry, click on the following links (completely free!) and become GDPR compliant now :
🚀 Get your website scanned now →
🚀 Create a cookie banner in minutes →
Mistake #1: They don’t display clear “Agree” & “Reject” buttons
The first and probably the most common mistake you see today is the lack of clear “Agree” and “Reject” buttons, which is mandatory for a GDPR compliant cookie banner. According to the GDPR, visitors to your website must be able to recognize both the “Reject” and “Agree” buttons. Note here that both buttons should be equally recognizable .
Remember the headlines in early 2022 when Google announced it would add a “deny all” button to its cookie banners? This was a minimum requirement for using a GDPR compliant cookie banner, but also a defining moment that defined the need for this measure. And this thanks to the decision of the CNIL (French Data Protection Agency), which fined Google a total of 150 million euros in January 2022 alone (including YouTube!).
✅ Follow the example below and use consentmanager’s cookie banner generator for your website to ensure your cookie notice displays the “Agree” and “Reject” buttons. Our system will also show you which cookie banner designs we do not recommend.
Mistake #2: Not blocking your cookies before consent
Another common mistake many cookie banners make is not blocking cookies before consent is given.
What does the previous block mean and how does this mechanism work?
All non-essential cookies must be blocked before the user gives consent. This means that your website should be able to stop the execution of cookies before consent is given. This can be quite a technical task if you don’t manage your website’s content yourself. Therefore, check all active plugins that use cookies in the background. And if you’re not sure, a cookie scanner can be of great help. Most services these days offer this for free, and with that you can find all the plugins currently active on your website.
✅ After finding out which of your services are using cookies, make sure you set up a pre-script block. For more detailed instructions on how to block cookies, please click here .
Mistake #3: Users have no way to change or withdraw their consent
A major shortcoming of a non-compliant cookie banner on a website is that if the user changes their mind, they have no way to go back and change their settings. Many website operators neglect this option for visual reasons. Putting a widget on the side of the page might not be very aesthetic. But be sure that according to the GDPR this is mandatory for cookie banners. Your users need to be aware that they can change their preferences at any time, and you need to provide them with an easy way to do so.
✅ Make sure that after accepting or rejecting cookies, the user can return to your cookie banner with a simple click on your website screen.
With the consentmanager cookie tool, the widget can be 100% adapted to the design of your website: logo, placement, font down to the smallest detail!
Mistake #4: Your cookie banner isn’t up to date
Up-to-date policies linked in your cookie banners are a prerequisite for your users to be able to lawfully exercise their rights. For this reason, you should stay away from compliance tools that offer buy-once policies. They may be cheaper, but be aware that your policies may be out of date . In recent years, fundamental data protection issues have changed at least every 6 months and new countries/regions have been added. In this case you are no longer protected as soon as the legislation changes. And as you know, the landscape of privacy laws is constantly evolving.
✅ Make sure you use a cookie banner generator that will automatically update your policy and, if necessary, the banner in case of a change in legislation. Also, make sure you’re compliant with the laws in your users’ geographic area and in the region where your business operates.
Mistake #5: You’re using dark patterns
Dark Patterns, another word for misleading design patterns, is a term coined by Harry Brignull on July 28, 2010 registering darkpatterns.org. These are practices that lead the user to make a decision that he did not intend. This is done through visual tricks with which the user can be emotionally induced to make a decision that is disadvantageous to him. In the case of cookie banners, this may take the form of:
- Preselected checkboxes
- Replacing the “Decline” button with a “Settings” button
- Definition of marketing cookies as necessary cookies
- The color of the Agree button is more prominent than the Decline button, giving preference to one button over the other
- No option to refuse all cookies, but instead opt out of individual categories based on legitimate interest
✅ The user must not feel persuaded or pressured into accepting cookies. Therefore, make sure that your cookie notice does not contain any optical tricks and that you comply with the GDPR requirements for cookies.
Don’t lift a finger here and prepare well for the year 2023! With the consentmanager cookie banner you avoid these common mistakes (and thus fines) and many more that you should not spend your valuable time on.
