Automatically deal with cookies pop-ups using Consent-O-Matic extension

Based on the Brave blogpost that people are linking to, I don’t believe that it opts you out of anything (unless I misread). (this is alluded to throughout the post but is most clearly stated in the section " Comparison to other systems" where they contrast their approach (just hiding the notice) with systems that attempt to automatically opt you out).

Sites cannot legally track you in the EU at least if you do not opt in

Could you provide a source for this, If that is true (without caveats) that is great news and would cause me to change my position. But it surprises me that I have never heard that mentioned or discussed before considering how frequently the GDPR comes up in privacy circles.

Besides, many of these cookie banner systems are third party trackers themselves. By blocking those from being loaded you favour privacy more than to allow them to load and tell your choice.

This seems to conflict with what you said above. If it is accurate that you can’t legally be tracked in the EU without explicitly opting-in, why would that not apply to these cookie-opt-out banners?

1 Like

To come back on your post as promised in DM:

Yes opt in is required under the GDPR. An opt-out option like common in the USA does not comply with the GDPR. Also, pre-ticked boxes are not allowed as this classifies as opt-ing out not in (How opt-in consent really works) GDPR requires what is called informed consent. (What are the GDPR consent requirements? -
In fact Google received one of the first fines under GDPR because they did not ask consent correctly: GDPR violations: What you can learn from the first 50 million € fine issued to Google - Blogpost

The ICO (UK’ DPA) who has pretty much the same regulation outlined the guidelines for compliance in nglish here: How do we comply with the cookie rules? | ICO

So in conclusion when websites place trackers without having received informed consent aka opt-in. They are in violation of GDPR as they cannot have received such informed consent. Now this doesn’t mean that this never happens. In fact, we all know that many companies still do not comply with the regulation. That’s why features like forgetful browsing are a good layer of defence.

Also, I like to add that even if you opt out of cookies commonly websites will just place them regardlessly. Often the cookie banners are not correctly configured. This is something I frequently see, and based on that I dare to say you cannot and should not rely on opting out.

GDPR will help Europeans to enforce their rights to companies that neglect human rights, but it does unfortunately not mean that opting out is giving you what you expect.

Why is it better to just block the banners:
Well simply typically the consent platforms besides being full of (illegal) dark patterns ( are the services that actually load the third parties. F.x. Onetrust ( or Google Consent Manager ( gets consent. Google Tag Manager then loads in third party scripts (How to Install Meta Pixel with Google Tag Manager (Facebook Pixel) (2024)), and it can even proxy them (프록시 서버 라우팅 설정  |  Google Tag Manager - Server-side  |  Google for Developers) so that you cannot block them. This is why you should block the entire Google Tag Manager.

It’s always good to keep track of the other side of things. It’s good to monitor how marketing works and familiarize with their techniques to improve your defenses.

1 Like

This looks like great info, thank you for all the references. It’ll take me some time to wade through it, but for now I just wanted to say thanks for taking the time to write this well sourced comment.

1 Like