Goatcounter or Plausible will do fine. Some decent frontend log parsing will also be a viable strategy.
Stop feeding Google your customers data for free.
For companies doing this the right way, the banner was just the tip of the iceberg, loads of work went into ensuring compliance behind the scenes, so customer and employee data was not shared with 3rd parties unknowingly. In one case the list of 3rd parties went from +400 to about 70, this is in my opinion a win for privacy, the culture around sharing your data went from casual to cautious.
Secondly, the culture around trusting meta and google blindly with behaviour data changed drastically. Businesses became aware of how much valuable data they share with these platforms, which actually puts them at great risk, should you really give these platforms detailed data on what customers browse and buy on your site, so they can use the data to sell targeting for competitors, or direct users towards their own shopping platforms?
So, yes the law is not perfect, we all hate the banners, but at least what happened in those early implementation days when the banner became law, was a change in culture around how data was shared and a better understanding of the risk for the business of using 3rd parties.
to be fair that is the choice. And ideally, the invisible hand would show that this is a horrible idea and cause a huge spike in traffic, but alas.
I think "stop putting popups cookies" on websites is an extreme stance, but I agree we could use fine tuning on the little things to help keep the spirit of the law. It should indeed be opt-in and not "ask for forgiveness". And it should adhere to current compliances.
This is indeed the obvious solution. I don't understand why the EU didn't mandate the do not track flag to be obeyed. I know some browsers already removed it but that was because nobody bothered to obey it. As soon as it can be mandated it will be useful and come back quickly.
Also, there was criticism from the advertising industry that the do not track was on by default but that's how tracking should work in the EU anyway: opt in.
By not doing this the EU keeps getting flak for the many cookie walls.
I'm afraid that these banners, because these are called "cookie banners" and not "consent to us using your data and giving it freely to other companies banners", will just go away, people (& companies) will be happy, and the consumer stays a fool.
I would really like to see these die. Regulators should just work with browser vendors to make an API that I can set at the browser level, and websites just read that to know my preferences and leave me alone.
Most users are now giving explicit consent to be tracked! What a dream! Before, they had to worry about legal grey areas!
Now the legislation says it's fine, as long as they click "OK". Which almost every user does because they are tired and annoyed by the pop ups.
Thank you legislators!
Are there any tools to check websites to see that they do what they say they will do? Or is it a manual thing?
There's no upsides for a website from providing an easy "Never track me" button, or just not using analytics cookies - you don't have to put up cookie consent banners for technical cookies used to save e.g. light/dark mode preference
That's simply not true. In order for consent to be valid under GDPR, the service should operate normally if you decline tracing cookies. Otherwise it's considered a "forced consent" and is not valid.
Then you don't need cookie banners or gdpr consent popups. It is not that hard. But you want to screw your clients for profit, I know, in that case, you need them or get fined. Which you should be for misusing my information/behaviour and privacy. Nothing good did come of ad tracking, user fingerprinting and data selling, so I wish you many fines.
Under the GDPR sites are emphatically NOT allowed to deny service over rejecting cookies.
Iirc the only valid options are providing a paid alternative or blocking service to the entire class of GDPR covered citizens.
Here's the twist: Good news is (for me), I can[1] track and do whatever I want with any other IP address. You visit my site? Well, thanks to nobody else I care about having GDPR-like regulations in place, I can make sure I'll not only track you down and display ads across all advertiser networks, feed them your visit in all imaginable and unimaginable ways, but I can do it in such a targeted way that it's borderline scary. I can literally use any information you gave me on my websites, like your name, your location, proximity to anything. And if I can't then the advertiser can. And in the case of that particular lawsuit mentioned in the article, collecting all user consents, their IP addresses, and basically which websites they visited, its like a gold mine for advertisiers. If it isn't one yet, it can be turned into one with the click of a button.
It's like that one case a few years back, where a health insurance company bought a bank and started closing bank accounts from people they knew were risk patients.
Simply connect the dots...
GDPRs promise was to make it harder to do so. It wasn't the plan to annoy the hell out of everyone with banners. The whole idea was to not allow tracking unless you opted in, because quite frankly, its scary.
And no, I'm not a fan of GDPR or overregulation. But in reality, there hasn't been any tech I've come across that really protects the non-technical internet users at large. There's uBlock and plugins, but not installed by default or built into standard mobile browsers. Apple might be close for regular consumers to stop the excessive tracking and companies like FB really hates them for it (for good reason, it costs them big $$). Google will never shoot their own foot by integrating non-tracking tech into any of their products.
So, no, my opinion is don't stop that darn annoying cookie pop-ups unless you also stop the tracking. If you stop the tracking, remove the cookie pop-up. As easy as that.
[1] I don't do it, but I could. I'm not a reckless psycho-marketer.
Both Europe and California consider IP addresses PII and this is the result.
I fail to understand companies that display page after page of cookies and tracking stuff for you to approve don't see the issue with their actions or the insanity of "allow us to share data with our 1500 partners". Does no one in these business look at this and go: "Hey, why do we need 50 different tracking tools" or "Why do we share customer data with over a thousand other businesses?".
When you actually read what these pop-ups says, then you understand why they are there, and why the problem with the laws isn't that it's annoying, but that it is not much more restrictive.