What happens in the US does not stay in the US! It actually affects industries across the world and change happens everywhere. The latest from the US is cookie consent management. Though there was a call to eliminate cookies altogether, Google stepped in with cookie consent management. Allowing users to choose and manage their cookies. This move has given businesses time to adjust their cookie policies to increase user privacy and data protection. This can be a great opportunity for you to lead the way in cookie consent management, and show your customers that their privacy and consent are important to you.
Google, which was initially all for completely doing away with cookies, suggested consent management, and it seems that a cookie-free world is where we are headed. Right now, the EU ePrivacy Directives, General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA) are currently being used to govern cookie consent management, and all signs indicate that in the future, laws are going to get even stricter. But of course, that will take time. Till then, you can empower your users and give them back control of their data.
What is GDPR and CCPA?
Any business offering services and products to people staying in the EU region has to comply with the GDPR and offer users opt-in and opt-out consent options. CCPA protects the privacy of citizens of the state of California, and if companies want user data, they will need to give the opt-in option and only when users choose this company can have access to data.
Types of Cookie Consent Models
Opt-In Consent Model
When users log on to a website, this form appears on the screen and users can then ‘opt-in consent’ meaning voluntarily agree to access their data through cookie placement and give permission to businesses to send them marketing-related emails and newsletters.
However, all permissions aren’t grant through one single permission check. The pop-up box will have multiple options that the users have to manually check, so website owners only have permission to do activities only allowed by the user.
For example, if a user only checks the options of placing cookies to track online activity, and does not permit marketing emails and newsletters, then the website owner can only place cookies and nothing else. This is the opt-in consent model.
Opt-Out Consent Model
In the opt-out consent model, which is the opposite of the opt-in model, the users have to revoke permissions for certain options. For example, the user can revoke the website owner’s permission to mine data, place cookies, and even send emails and newsletters. In this type of cookie consent model, there are two ways users can remove consent:
- Pre-emptive Opt-Out
When the user logs on to a website, the consent box appears with all the permissions already checked. The user then has to uncheck the permission they want removed like the placement of cookies, mining of data, and the emailing of marketing materials.
- Consent Withdrawal
In this method, the users can remove all the previously given consents after they have changed their minds. Many times, users don’t know what they are permitting websites to do, so this option has to be given for them to withdraw consent.
Implied Consent Model
Whenever a user logs on to a website, the cookie consent manager assumes consent for tracking data and placing cookies is implied. So, the actions happen when the user visits the website and browses through it. Users are inform of the cookie placement on their devices.
Granular Consent Model
Different types of cookie categories collect various types of data. In the granular consent model, users can choose the different cookies they want to activate and categories they don’t want at all. This consent model empowers the users, giving them control of their data and privacy, while still giving a website a chance to place important cookies that will help them as well.
Cookie-Wall Consent Model
When a user logs on to a website, a wall pops up asking them to consent to placing cookies. If the user agrees to the placement of cookies and website tracking then they can proceed to the website and continue browsing. If the users do not consent to cookies and tracking, they are blocked from proceeding on the website. This type of consent model is in direct violation of the GDPR and may get websites using this shut down or its access restricted in locations where GDPR applies.
Best Practices for Cookie Consent Management
- Place your cookie consent pop-up notice unobtrusively with all the relevant information to ensure user experience isn’t hamper.
- When it comes to language, the simpler, the better. Technical and legal language can cause people to leave the website.
- The pop-up notice should have a link to the cookie policy page, so customers who want to read it in detail can.
- Give information on why, what, where, and how regarding the cookies on the website.
- Give users the option to choose all cookies, important cookies, and no cookie placement on your website. This way, users tend to select important cookies.
- Users may want to contact you for cookie-related queries, so give them all the contact info they need for this.
Today users are inform about cookies and data tracking and want their privacy not to be compromise. You can lead the way by having the right cookie consent manager to ensure that the people who visit your website. Your customers and potential customers, feel like their data and information on their online activities are safe, and they have control over them.
Therefore, use the Google tag manager to ensure your website is reaching the right people and ensure your website complies with GDPR and CCPA, so your customers know their data is safe.