Why would you accept?
No, we are not tired of revisiting online consent, cookie banners, and ePrivacy stupidity.
So Cristiana Santos and Victor Morel just released a new study (“I will never pay for this”). They are now asking people about their thought process behind accepting or rejecting website trackers when presented with a “Consent or Pay” choice.
I have long admired the perseverance of this talented team (which I had the pleasure to interview) in pursuit of fair value exchanges and the protection of fundamental rights through the lens of online interactions and covert data collection practices. And yet, there is one angle or hypothesis that I thought was missing from their latest analysis, perhaps because none of the participants ever raised it, or most likely because it does not present itself as naturally in pure “Consent or Pay” scenarios.
Most people I discuss consent banners with confess that the reason for them to accept cookies has little to do with trust, a unique value proposition, or a desire to benefit from more personalized experiences. Instead, they do so out of fear (and in anticipation) of technical failures, additional visual impediments, or persistent nagging. In other words, they have been “tamed” or “arm-twisted” into compliance by poor prior experiences, recurring pop-ups, and UI crashes. Rather than investing more time and energy into preventing further exposure of their personal traits or preferences, they are bent into submission by an impossible system.
Is this what we really meant when we said “we care about your privacy”? Is this what was assumed when “freely given” consent was redefined across multiple jurisdictions?
Or, an even more interesting question: Would anyone really agree to any kind of data collection activity (innocuous, beneficial, or potentially harmful) that they are unable to properly evaluate? Is it not true that, faced with a system that did not penalize the prudent, most people would simply give trackers a pass?
In sum, Why would you accept?
Because you worry that the damn thing won’t go away, or something will break and send you back to square one.
Because the banner makes a mobile website entirely unusable unless you find a way to discard it (by accepting).
Because the collective mistreatment of internet users over the past seven years has paved the way for any website currently deploying a CMP (Consent Management Platform), whether properly or not, to falsely believe they are offering transparency and choice.
None of this was foreseeable back in 2019, when a joint study from the Universities of Ruhr and Michigan concluded that acceptance rates would amount to 0,1% if all of the elements of valid consent were present (as required by European Data Protection Board guidelines). But it probably became clear to every business that full compliance amounted to “data suicide”, and so began the race to the bottom.
Of course, fresh enforcement efforts—and renewed reminders about the business risks of poor acceptance rates—are driving the rise of “Consent or Pay” models. These models represent a problematic attempt to force a “contractual necessity” (a round peg) into the “consent” framework (a square hole), largely as a result of the EU’s ongoing ePrivacy impasse. In this respect, the blame lies squarely with Brussels.
The floodgates are now open, and everyone is worse off for it. We all have to cope with insufferable banners that cost websites money and technical challenges while doing nothing to empower customers or filter out intrusive practices.
(You are reading a GenAI-free article, solely relying on auto-correct for some expressions and typos. The image above is AI-free as well, retrieved from Canva’s photo repository.)