A Cross-Country Analysis of GDPR Cookie Banners and Flexible Methods for Scraping Them

要旨

Online tracking remains problematic, with compliance and ethical issues persisting despite regulatory efforts. Consent interfaces, the visible manifestation of this industry, have seen significant attention over the years. We present robust automated methods to study the presence, design, and third-party suppliers of consent interfaces at scale and the web service consent-observatory.eu to do it with. We examine the top 10,000 websites across 31 countries under the ePrivacy Directive and GDPR (n=254.148). Our findings show that 67% of websites use consent interfaces, but only 15% are minimally compliant, mostly because they lack a reject option. Consent management platforms (CMPs) are powerful intermediaries in this space: 67% of interfaces are provided by CMPs, and three organisations hold 37% of the market. There is little evidence that regulators’ guidance and fines have impacted compliance rates, but 18% of compliance variance is explained by CMPs. Researchers should take an infrastructural perspective on online tracking and study the factual control of intermediaries to identify effective leverage points.

著者
Midas Nouwens
Aarhus University, Aarhus, Denmark
Janus Bager. Kristensen
Aarhus University, Aarhus, Denmark
Kristjan Maalt
Aarhus University, Aarhus, Denmark
Rolf Bagge
Aarhus University, Aarhus, Denmark
DOI

10.1145/3706598.3713648

論文URL

https://dl.acm.org/doi/10.1145/3706598.3713648

動画

会議: CHI 2025

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2025.acm.org/)

セッション: Privacy and Safety

G316+G317
7 件の発表
2025-04-29 23:10:00
2025-04-30 00:40:00
日本語まとめ
読み込み中…