Menu
Cookie monster: adjusting to the new EU cookie banner legislation
Privacy policies — Barbara Jansink & Filip Ivanov
Picture yourself browsing to an animal shelter website to check out a cute dog your friend just shared with you. Before you can even take a good look at the adorable puppy, you are confronted with a pop-up. The pop-up pans out a big chunk of text, followed by two buttons: one is barely visible, while the other is nice and big, colored in a shiny green. In desperation to see the cute puppy picture as soon as possible, you just click the green button to get rid of the pop-up.
Person wanting cookie banner to go away asap to see the cute puppy

Go away with your walls of text, I just want to see the cute puppy!

Improving cookie banners

Now you probably never actively think back on this impulse action. We don’t blame you, with the serotonin high from looking at dog pictures. However, considering the button gives consent to share your data with the owner of the website, this should be a more conscious decision.

That’s what the European Union reasoned too, when they signed a pledge in order to improve cookie banners. The most important aspects the Union wanted to see improved are:

The button for rejecting cookies should be as visible as the one to accept cookies and also look the same. In this way users can make an informed choice and are not ‘nudged‘ to accept all the cookies.

Users should have the option to give consent for essential cookies, analytical cookies or marketing cookies. Each of these levels allows a different amount and type of data to be collected. This is in stark contrast to the commonly seen before ‘all or nothing’ style of collecting consent.

Cookie banners should be clear and concise in explaining what the different consent options are. This way users are informed adequately, but also not overwhelmed by reading long text. The moment of ‘I ain't got time to read all that! clicks accept all‘ should be avoided.

User is confused about too much content on cookie banner

Being confronted with a lot of text, a user instantly just wants to get rid of it and move on. Where do they click? You guessed it - that big, colorful button of course!

A new cookie solution

The new pledge seems straightforward enough: we shorten the text, change the color of the buttons, and then we are done, right? Unfortunately not, as we need to give users more options than just accept or reject all cookies and this has more impact than it seems.

More than just visuals

While implementing this new solution for one of our customers this was considered simply a visual change in the style of the cookie banner. However, it turned out that we had to reframe how we collect data from users.

The various and much more detailed levels of consent we now provide users required us to rethink the way we collect data. What we found was:

1 - We collect data in a lot more places than anticipated

Modern web apps collect a lot of data in a lot of places. With this also comes a lot of places where we needed to alter the way we do this. In particular to check if the user has actually allowed us to collect the data we want via giving the necessary level of consent.

These checks needed to happen everywhere in our whole system and required a lot of adjustment to functionality both on a macro and micro level.

2 - We cannot rely on using technologies the same way

In addition to collecting data, we also had to rethink the technologies in our web app. With the old ’all or nothing’ approach to cookie consent we could rely on all technology being available no matter what, but with a more sophisticated approach this is not the case. Put simply, we can only use the tech the user has allowed us to via their consent level.

For example, even something as simple as remembering the step a user is on in an application form cannot be done if they have not given us consent via accepting functional cookies.

3 - This makes things a lot more complicated, everywhere.

As a result of having to adjust both our data collection and technology use based on the level of consent, we had to fundamentally rework a lot of functionalities. A lot of things that could previously be assumed to work now needed to account for a lot more complicated scenarios so that the web app remains usable and provides a good experience for any and all combinations of cookie consent.

User who is able to make educated decisions based on more detailed consent
Conclusion

The new requirements put forward by the EU have made things a lot for fair for anyone on the internet. Now consent is gathered in a much more informed way and data and technologies are now only used if consent is given. However, this also comes with a lot of challenges from relatively simple rethinking of data collection to fundamental restructuring of web app systems such as the one we are working on for one of our clients. Regardless of the complexity, these challenges are something that all web app systems will need to face sooner rather than later and at El Niño we are prepared for it!

Have a project in mind?

Let's talk and discover the possibilities through technology together. We'd love to learn more about your business, idea or product.

Get in touch