Home Data Privacy Roundup Why Are So Many US Companies Using Cookie Banners On Their Websites?

Why Are So Many US Companies Using Cookie Banners On Their Websites?

SHARE:

Most people would agree with this statement: “Pop-ups are annoying.”

A rather amusing article in The Verge laments the recent unfortunate revival of website pop-ups, which the author describes as dogging them through the hellscape of their internet experience with messages pushing them to like, subscribe, click, listen, sign in and accept all.

But some pop-ups aren’t just detrimental to the user experience of a website – they’re worse than pointless from a privacy perspective.

Under fire

Although it’s not legally required, many websites in the US have started using cookie banners in a misguided attempt to protect themselves from lawyers who smell blood in the water.

The plaintiff’s bar is well known for getting creative with their application of the law to support often tenuous class-action claims, including the 1998 Video Privacy Protection Act (VPPA) and state anti-wiretapping statutes. Both are increasingly used as the basis for privacy-focused lawsuits.

The VPPA, for example, is a law that was passed back when Blockbuster was still a hot commodity. It prohibits “video tape service providers” from sharing personally identifiable information about the videos someone has watched without their permission.

Several years ago, a wave of lawsuits attempted to extend the definition of “video tape service provider” to any business that has a website capable of playing video, such as Hulu. More recently, lawyers have been trying to broaden the definition even further to include social platforms.

According to an analysis by Bloomberg Law, at least 47 proposed class-action lawsuits were filed between October and February 2022 claiming that Meta is in violation of the VPPA because its tracking pixel shares personal video consumption data with Facebook without consent.

These suits have met with mixed success. Some have been thrown out, some were voluntarily pulled, and others have been allowed to proceed. But companies are still nervous.

And so some are using cookie banners and tracking consent pop-ups on their websites as an ill-conceived shield from frivolous lawsuits.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Comic: Bark PatternsThe “cons” in consent

But there are a lot of problems with that “strategy.”

One: It’s reactive to lawyers as opposed to laws, at least in the US. There’s no legal basis for cookie banners outside of Europe. Most cookie banners are designed to address EU data protection obligations (and not all that effectively, if we’re being honest).

Unlike GDPR, which is an opt-in law, US laws mostly take an opt-out approach (other than for certain types of sensitive information).

Two: Cookie banners don’t help companies comply with US state privacy laws, none of which require consent pop-ups.

“These banners are regularly repackaged and marketed by consent management platforms as US privacy-complaint,” Daniel Goldberg, a partner at Frankfurt Kurnit Klein & Selz, told me. “Companies that deploy cookie banners may believe that they have satisfied ‘Do Not Sell’ and other opt-out obligations under US law when they actually have not.”

Three: People hate pop-ups, and the more they’re forced to see them, the less they register. Decision fatigue is real.

Four: Cookie banners are open to misinterpretation.

At an IAB Tech Lab Rearc privacy event in New York City in February, Jessica Lee, a partner and chair of the privacy, security and data innovation practice at Loeb & Loeb, told a story about her mother, who once commented that only websites that display cookie banners actually use cookies. Which is, of course, not the case. All websites use cookies.

Five: Companies need to be careful about the language they use in a cookie banner and the choices they offer. If a website gives someone the opportunity to opt out of all cookie tracking, for example, then that site is on the hook to honor the opt-out, even though it wasn’t legally required to ask.

“If someone clicks your opt-out and leaves your site with the impression that they’ve successfully been opted out of cookies and they haven’t been,” Lee said, “I think there’s even some risk of deception there.”

Well then. 🤯

Speaking of consent, I’d like to say thanks for opting in to receive this newsletter. Let me know what you think of it! Drop me a line at [email protected].

Must Read

LG Electronics

Alphonso Shareholders Win Their Suit Against LG Electronics Over Corporate Board Drama

After being summarily booted from the board of LG Ads in late 2022, Alphonso’s founding team has won its lawsuit against LG Electronics.

Bye-Bye Sizmek! Amazon Advances Flashtalking And Smartly As Alternatives In Advance Of The Shutdown

According to emails seen by AdExchanger that were sent to Amazon customers this week, Amazon is officially naming integration partners to offload clients of the Sizmek ad suite, now the Amazon Ad Server.

2024 Promises More Premium Inventory – And Bigger Budgets – For In-Game Ads

Given the deprecation of third-party cookies and the reemergence of contextual targeting, 2024 could be a big year for in-game ads – so long as game publishers position themselves as a source of premium inventory.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

AdExchanger’s Top 3 Connected TV Newsletter Issues Of 2023

This was such a busy year in CTV land that we had to launch a dedicated newsletter just to keep up with all the trends, from measurement, currency, targeting and attribution to streaming data, identity, supply-path optimization and new ad formats – just to name a few.

M&A 2023: Ad Tech Deals Were Muted, But That Could Be A Mark Of Maturity

Who got bought in 2023, and who did the buying? Here’s a non-exhaustive list of some of the most notable ad tech M&A activity from this past year (with a few media and agency deals tossed in for good measure).

Comic: The Great Data Lakes

Snowflake Acquires Data Clean Room Startup Samooha

Snowflake has acquired Samooha, a startup that develops software to make clean room technology accessible to marketers who aren’t necessarily SQL wizards or data scientists.