The Privacy Suite for WordPress

Most websites still not GDPR compliant

Get compliant today in the European Union, United States, Canada, United Kingdom, Australia & South Africa with the only Privacy Suite for WordPress that offers a fully-featured plugin for Worldwide Compliance.

Vodafone.com – EU – 6/2019

Common issues

When browsing the internet, most websites I come across are not GDPR compliant. Most of them seem to either try and fail, or won’t comply on purpose.

Common issues and occurrences:

1. “If you continue to browse this website, you consent to our .”

This recognizes the GDPR as a privacy law while choosing to disregard it at the same time.

2. “We use cookies on this site.” No deny button or preferences available. Just “Accept”.

As with number 1, this is a clear recognition of the law followed by a disregard for their users’ privacy. Which raises the question: why make any effort in the first place?

3. A cookie wall.

See the link for more details; the cookie wall is not applicable for 99.9% of websites.

4. Accept or Deny, but the cookies have already been set or can’t be revoked.

An accept or deny banner can be compliant. But too many times we have seen this banner appear after cookies are already set, which makes the “Deny” button useless. If cookies are already set, you’re not compliant. If they can’t be revoked, you’re not compliant.

“Deny” should be the default at first load, as the user’s consent should be opt-in.

5. Levels of consent with categories you can choose. We have checked them all, just to be sure. Unchecking won’t matter, cookies are set!

This seems to be the most common “work-around”: controlling the cookies by category, but expecting your users to opt out instead of opt in, which defeats the purpose of consent. This is the most popular window dressing for GDPR compliance, but funnily enough also the most visible one.

Furthermore

Some sites do have a popup with categories, where you can select “marketing” if you want. Or they have a cookie banner with an “accept” and “decline” button. These sites visually seem to comply with the GDPR, but often do not.

If you actually check cookies on these sites, you will probably see the same thing on most of them: Be it the informational warning, a “browsing implies consent” warning, or even a “select your preferences”, with a checked “marketing” option (I’ve seen this with Cookiebot for example).

Or the “accept” or “decline” variation, in most cases you will see that Facebook, Youtube, , advertisements, etc are already loaded before you have accepted cookies, selected the marketing category, or continued browsing.

You as a visitor might not realise this, but when you see these services, you’re already being tracked, consent or not! For example: Uber.com

A quick scan

These sites are thumbing their noses at the GDPR in a serious way: when you visit such sites and check your cookies, you will see you’re already being tracked. These cookie warnings are nothing more than window dressing. The site is suggesting you can choose to opt in (with the marketing category, or by clicking accept), or you can still choose not to continue browsing and leave the website. But you are being misled, be it deliberately or not.

Sure, maybe the site owner is not aware of this. But as a site owner you should be, and you are indeed responsible! And I suspect that in a lot of cases, site owners are aware of the issue but choose to ignore it.

If you’re a website owner and you’re not sure if your site is really compliant, it might be a good idea to do our quick scan.
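A site owner can verify the pre-consent state described above by recording a HAR file of the first page load, before touching the banner, and listing which cookies were set and which third-party hosts were contacted. This is an added example, not code from the original article or from Complianz; the function names, the `allowedCookies` list of strictly necessary cookies, and the sample hosts are assumptions.

```javascript
// Audit a HAR capture recorded on first load, before any banner interaction.

// True when `host` is the site itself or a subdomain (simplified: no
// public-suffix handling).
function isFirstParty(host, siteHost) {
  return host === siteHost || host.endsWith("." + siteHost);
}

// `allowedCookies`: the owner's list of strictly necessary cookies
// (an assumption of this example, e.g. a session cookie).
function auditPreConsent(har, siteHost, allowedCookies = []) {
  const allowed = new Set(allowedCookies);
  const cookies = [];
  const thirdParty = new Set();
  for (const entry of har.log.entries) {
    const host = new URL(entry.request.url).hostname;
    if (!isFirstParty(host, siteHost)) thirdParty.add(host);
    for (const h of entry.response.headers) {
      if (h.name.toLowerCase() !== "set-cookie") continue;
      // Tolerate exporters that join several cookies with newlines.
      for (const line of h.value.split("\n")) {
        const name = line.split("=")[0].trim();
        if (name && !allowed.has(name)) cookies.push({ name, setBy: host });
      }
    }
  }
  // Third-party hosts are listed for manual review; not all are trackers.
  return {
    cookies,
    thirdPartyHosts: [...thirdParty].sort(),
    clean: cookies.length === 0 && thirdParty.size === 0,
  };
}

// Constructed sample: three responses seen before the banner was touched.
const sampleHar = { log: { entries: [
  { request: { url: "https://shop.example/" }, response: { headers: [
    { name: "Set-Cookie", value: "session=abc123; Path=/; HttpOnly" },
    { name: "Set-Cookie", value: "_mkt_id=42; Max-Age=31536000" } ] } },
  { request: { url: "https://cdn.shop.example/app.js" }, response: { headers: [] } },
  { request: { url: "https://tracker.example/pixel.gif" }, response: { headers: [
    { name: "set-cookie", value: "uid=xyz; Domain=tracker.example" } ] } },
] } };

const report = auditPreConsent(sampleHar, "shop.example", ["session"]);
console.log(JSON.stringify(report, null, 2));
```

Any cookie in `cookies` was set without consent; rerun the capture after clicking “Deny” to confirm the list stays empty.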
