What We Do
Creative Development Digital Marketing
Our Work
Our People
NEWS & INSIGHTS
Careers
Get In Touch

Cookie Compliance and Consent Mode

In recent news, major tech players like Google and Meta have been fined substantially due to non-compliant consent cookies. Google faced a staggering €150 million penalty, while Meta platforms received a €60 million fine for breaching compliance regulations. As a result of these fines, Google has introduced a hard deadline of March 2024 for companies to set up and have Consent Mode switched on as part of their required website's cookie banner. 

 

What is Consent Mode, and How is it Linked to Cookie Banners?

Google's Consent Mode simplifies compliance with privacy regulations like GDPR by allowing website owners to customise Google tag behaviour based on user consent to specific cookie types, such as advertising cookies. For instance, if a user declines consent for advertising cookies, Consent Mode ensures that only essential tags are activated, preventing user data from being used for targeted advertising.  Consent Mode and website cookie banners work together to facilitate user consent management and enhance compliance with data protection regulations. Consent Mode dynamically adjusts the behaviour of Google tags based on user consent preferences obtained through cookie banners, ensuring user data is used by their consent choices.

 

Google and The March Deadline

Failure to have a Consent Mode-enabled cookie banner in place will have a catastrophic impact on your company's Google Ads. If by 6 March 2024, Google Consent Mode is not enabled, Google will block analytics for all ads in a company's Google stack. Companies also risk losing connectivity with essential services like Google, Gmail, and iOS, which could significantly impact their online presence, customer interaction, visibility, and user engagement.

It is expected that all websites utilising advertising cookies provide users with a fair choice regarding their consent to using their data for targeted ads, and the Information Commissioner Office (ICO), responsible for enforcing compliance, strongly urges companies to act now.  

 

The ICO Cookie Banner Policy, Their AI Detection and the Consequences

The  ICO has clarified that they will closely monitor websites for compliance with the PECR and UK GDPR cookie consent guidelines, with monthly assessments and direct outreach to non-compliant companies. However, recently, they have accelerated efforts by developing an AI solution to help identify websites using non-compliant cookie banners. Therefore, the ICO strongly urges companies to act now to ensure their cookie banners comply to avoid penalties. For serious breaches of data protection principles, the ICO can issue fines of up to £17.5 million or 4% of a company's annual worldwide turnover, whichever is higher.

Critical Areas of Concern Identified by the ICO 

The ICO has outlined specific areas of concern regarding stand-alone cookie banner compliance and compliance concerning Consent Mode, including:

  • Not having a Cookie Banner at all: Consent Mode cannot be enabled, and consent from the user cannot be given.
  • Placement of Non-Essential Advertising Cookies Without Consent: Placing advertising cookies without obtaining prior consent from users is a direct violation of regulations.
  • Pre-Consent Placement of Cookies: Cookies should not be placed before users' consent.
  • Difficulty in Rejecting Non-Essential Cookies: Users must be given a clear option to reject non-essential cookies to ensure transparent consent practices.
What You Need to Do

It is crucial to take immediate corrective actions to avoid penalties and gain the trust of your users. The ICO expects companies to:

  • Have a compliant cookie banner clearly displayed on their website
  • Have Consent Mode switched on as part of the cookie banner
  • Refrain from placing non-essential advertising cookies without valid user consent.
  • Provide users with clear options to reject non-essential cookies during the consent process.
  • Respect users' choices regarding cookie placement and data processing.

Act Now to Safeguard Your Website's Compliance

We urge all companies to review their cookie practices and take necessary steps to ensure compliance with PECR and UK GDPR guidelines. 

Contact us today, and let's ensure your website meets the compliance guidelines and you don't miss the March deadline that will affect your Google Ads analytics and connectivity with essential services.