Communications of the ACM

Privacy

Cookie Monster

By Lorrie Faith Cranor
Communications of the ACM, July 2022, Vol. 65 No. 7, Pages 30-32
10.1145/3538639
Comments

European privacy laws requiring opt-in informed consent for the use of tracking cookies on websites gave rise to the now-ubiquitous cookie consent banner. Subsequently, less stringent laws in the U.S. and elsewhere have led to websites that set cookies from the get-go but display cookie banners that offer opt-outs. The Web is now littered with inscrutable cookie banners that do not seem to provide any functionality, do not deliver on claimed opt-outs,⁶ use dark patterns to nudge users to consent to all cookies,¹ or leave users puzzled. Users respond to these misguided compliance efforts by clicking whatever seems most expedient to get obtrusive cookie banners out of the way, providing consent that is anything but informed.

We have been studying cookie consent banners in my lab at Carnegie Mellon University to gain insights into how banner design impacts user comprehension and what cookies they accept. In one study, we created a retail website and recruited participants to test it out. We randomly assigned more than 1,000 U.S. participants to see one of 12 cookie banners on the website while they were shopping. After they completed the shopping task, we asked them questions about what they had consented to and why, as well as their comprehension of words used in the banner.¹

---

No entries found

Log in to Read the Full Article