In the interest of full disclosure, this article was not written by a lawyer, nor should this article be viewed as legal advice – rather as a series of examples of what various companies are doing to ensure they have informed consent as it relates to onsite tracking activities.
— Updated May 7, 2018 —
Since the beginning of 2018 (and even earlier in some cases!) your inbox and social feeds have likely been inundated with articles about the General Data Protection Regulation (GDPR), with some proclaiming it to be the end of days, and others that appear to be excited and optimistic about the future. While GDPR is a European regulation, it is designed to protect EU citizens no matter where in the world the website is based. Additionally, from a US-centric perspective, we should not be waiting for regulation to move towards user consent for data capture. Rather, we should proactively approach the future and embrace user consent for on-site tracking activities. If you’re not familiar with GDPR and all that it entails, this article provides a great overview!
While the majority of US sites are still lacking any kind of user consent or even basic cookie notification, there are several websites from various countries that have already made the move that can be seen in the examples provided below.
The people over at Google are pulling out all the stops when it comes to showing their attitude towards regulatory compliance and implemented a Cookie Consent window several months ago. When you click through to “See Details,” users see a video explaining cookies in a way the general public can understand, and they provide further resources on what they are doing to protect your data. Nice work, Google!
Cookie Consent by Insite is a UK-based organization that, you guessed it, provides cookie consent tracking guidelines (including customizable code for your own consent box) as well as other on site usability notifications. When a user looks to “Learn More,” they are sent to https://cookiesandyou.com/ which, similar to the content provided by Google, avoids using legalese and presents the information in terms everyone can understand. In fact, they even claim they made the website so their Mums could understand what cookies are. How sweet.
Cookiebot is a Danish organization that was specifically created for GDPR compliance. They have the biggest User Consent box we’ve ever seen. While this is informative, it could also be overwhelming for the common user when various types of cookies are displayed that the user may have never heard of, like that 29-day Rubicon Project cookie we noticed! Here’s an expanded view of the consent box:
Before making any kind of policy around GDPR compliance, be sure to speak with your legal counsel and avoid taking legal advice from blogs online. While there are many organizations out there with good intentions, there is also a lot of misinformation floating around and it’s important to protect your organization moving forward as the penalties for violating the law have the potential to be significant!