Cookie banners in 2022 – what you need to know

Cookie banners must provide information about the types of cookies used by the website and how they work. A detailed page is ideal for this purpose. Be thorough when describing the cookies you use and their purposes. Otherwise, users may not be sufficiently informed and their consent may be contestable. At the same time, the respective service provider that processes the cookies should also be disclosed. This is particularly important with regard to US providers and should be noted in the general view! In addition, users must be informed about how long the cookies store their data. They must also be able to object to this without any problems. Users must be able to find out how your website handles their data at any time. For this reason, we strongly recommend linking your privacy policy in the cookie banner.

First, a quick reassurance: not every cookie needs to be confirmed individually. Instead, users may be asked for their consent to all cookies after they have given their consent, provided that they are sufficiently informed about this in a short info text. Otherwise, as we already reported in our last blog post, there are some clear rules on how cookie banners on websites should look:

• Your banner should actively request consent. Implied consent (“By continuing to use this site, you automatically agree...”) is no longer valid.
• It must be easy to decline. Users must be able to object to the use of cookies without having to click through a series of complicated steps. Therefore, include a “Decline” button at the beginning of your cookie banner that allows users to decline all non-essential cookies.
• Keep the buttons consistent! Not only does this look much cleaner, it is now also the only legally compliant option. Visually highlighted “Accept” buttons will only be permitted in future if you want to design your “Reject” button in the same way. However, the two options must no longer be visually weighted. To be on the safe side, you should therefore design both buttons to be exactly the same.
• Save yourself and your users the hassle of opt-in lists. Since users can confirm or reject all non-essential cookies in advance anyway, very few will ever reach this view. Furthermore, the cookies in this list must not be pre-selected. No user will click through to this list to then consent to individual cookies. There are no data samaritans!

A good example of this is the cookie banner of our client, the Paritätischer Wohlfahrtsverband Niedersachsen (Parity Welfare Association of Lower Saxony). The buttons are uniformly designed, all information is quickly and easily accessible, and anyone visiting the site can revoke their consent at any time by clicking on the link at the bottom left.

In addition to the cookie banner, there are a few other things you should keep in mind:

• Include an opt-out option. Users must be able to withdraw their consent to the use and storage of data at any time on your site. This is one more reason to optimize the overall user experience of your site. Otherwise, consent declarations could be withdrawn faster than you can say “usability.”
• Do not link website use to consent! Some websites want to make their use dependent on consent in the cookie banner by means of cookie walls. Given the low consent rates under normal conditions, this idea is understandable, but if you want to increase your reach and avoid high bounce rates, you should refrain from using this method. Especially since certain industries, such as doctors, lawyers, and the like, as well as websites that are also aimed at minors, are also entering a legal gray area by doing so.

All our recommendations are based on the current legal situation. The past year, 2021, has shown us that this can change quickly. While cookie banners are constantly looking for new ways and loopholes to obtain user data, data protection authorities are continuing to refine the relevant laws and close more and more loopholes. Even those who are currently on the safe side and avoid gray areas and the like will still be affected by these changes and will have to upgrade their systems. This is an enormous effort when you consider that not even half of all internet users ultimately give their consent, which means that data quality is at least limited.

Our clear recommendation therefore remains unchanged: if you can do without the data obtained through cookies, you should switch to cookie-less tracking this year. This will ensure that you are not affected by most future changes in this area and will significantly reduce your workload. If you primarily use cookies for customer journey, shop, and UX analyses and can do without data on surfing behavior or other personal information, then you should also do without cookies that require consent. You can find more information on this on our blog.

We love writing about cookies! You can read more about them here:

• www.drive.eu/en/drive-blog-en/blog-detail/how-to-get-rid-of-google-analytics
• www.drive.eu/en/drive-blog-en/blog-detail/cookies-for-everyone-the-verdict-is-in-and-its-no
• www.drive.eu/en/drive-blog-en/blog-detail/cookies-and-where-2020-may-take-us
• www.drive.eu/en/drive-blog-en/blog-detail/trackingarmageddon
• www.drive.eu/en/drive-blog-en/blog-detail/trackingarmageddon-2
• www.drive.eu/en/drive-blog-en/blog-detail/trackingarmageddon-3