We create website policies and consent banners for a living, and even we’d prefer avoiding cookie consent banners whenever possible. Being interrupted by a banner is never ideal, but for many websites, it is necessary to ensure that you’re respecting the privacy rights of your visitors and obeying the law.
Luckily, there’s just ONE THING you can do to avoid ever needing a cookie consent banner again. All you gotta do is…
Just kidding!
Jokes aside, there really is just one thing you need to do to avoid cookie consent banners: remove all non-essential cookies from your website. If you aren’t using cookies to track people, you don’t need to ask for their consent. Unfortunately, that’s easier said than done in today’s world.
In this blog, we will discuss what websites need a cookie consent banner and what steps must be taken to ditch the cookie consent banner once and for all on your own website.
Table of Contents
Which websites need a cookie consent banner?
Websites that use non-essential cookies to collect personal data or track users will likely need a cookie consent banner to comply with one of the several privacy laws that require websites to have a cookie consent banner. GDPR and CPRA, in particular, require explicit consent before tracking users with cookies. However, none of these laws apply to essential cookies, so what’s the difference?
Essential cookies – are small pieces of code placed on a user’s device that are necessary for the website to function properly. Examples of essential cookies include cookies used for security, logging in, session, and preference cookies.
Non-essential cookies – are small pieces of code placed on a user’s device that are not necessary for a website to function properly. Examples of non-essential cookies include cookies used for marketing, analytics, third-party tools, or embedded content.
Note: using non-essential cookies on your website is not a bad thing. You are not being punished for using them, rather it becomes important to A) let users know certain cookies are being placed on their device, and B) allow users to act on their privacy rights by being able to opt out. Cookie consent banners essentially show that your website respects users’ privacy rights.
So, if you want to avoid a cookie consent banner, you need to ask yourself two questions:
1) Is my website using non-essential cookies?
2) Can I get rid of the features using non-essential cookies?
1) Does my website use non-essential cookies?
The first thing you need to do is identify if your website even uses cookies. There are two main ways to do this:
Option 1: Scan your website
The easiest way to determine whether your website uses cookies is to scan it using a tool that will inform you whether your website does use cookies and what types of cookies it uses. For example, this scanner provided by Usercentrics will inform you of any cookies that are on your website, whether they are provided by you or by a third party (e.g. Facebook cookies).
Option 2: Inspect in Chrome
Another way to determine whether your website utilizes cookies is to use the “Inspect” feature in Chrome. We did a full, step-by-step writeup on how to do this on a previous blog. While we used Chrome as an example, you can do this with other browsers as well.
2) Am I using the features that are using non-essential cookies?
As we mentioned early on in this blog, most modern websites use non-essential cookies via features such as:
- Google Analytics (or most other analytics programs)
- Google Adsense
- Pixels from Facebook, Twitter, LinkedIn, Reddit, or other platforms that offer digital advertising
- eCommerce features
- Embedded videos (YouTube, Vimeo, etc.)
- Google Maps embed
While these are very common, it’s also common that website owners are not frequently using these tools. For example, let’s say you have Google Analytics on your website that’s placing tracking cookies onto your users’ devices. That’s fine, if you’re using those reports frequently to make business decisions. However, we see often that a website will have Google Analytics, but the website owner has never once looked at a report.
Go through each feature that uses non-essential cookies and ask yourself honestly, “am I really using this to improve my business?” If the answer is no, you could feasibly get rid of all non-essential cookies on your website. No non-essential cookies means no cookie consent banner is needed.
If you are using these features, there are sometimes more privacy-friendly alternatives available. These can sometimes offer many of the same benefits, while being less reliant on non-essential cookies. Try searching for “Privacy friendly alternative to ________” and see if there’s a good fit for you.
If you regularly use tools that place non-essential cookies on your users’ devices, you’re not doing anything wrong. You’ll just need a cookie consent banner that gives users the ability to opt out. That means it needs to have a “decline” option (not just “okay” or “accept.”) Termageddon has partnered with Usercentrics to offer a cookie consent solution that meets all the requirements for modern privacy laws.
3) Check to see what causes certain laws to apply to you (and avoid them, if possible)
We did an entire blog on what laws require websites to have a cookie consent banner. So let’s not go into too much detail here. Below are the questions we ask in our very own questionnaire and how answering them can determine if the banner-related privacy law applies to your website:
California Invasion of Privacy Act (CIPA)
If you include California in your answer to the following question, you likely need a consent banner for CIPA coverage in Privacy Policy remaining questions
General Data Protection Regulations (GDPR)
If you answer “yes” to EITHER ONE of these questions, GDPR will apply and a cookie banner will be required:
United Kingdom Data Protection Act 2018 (UK DPA)
If you answer “yes” to EITHER ONE of these questions, UK DPA will apply, and a Consent Banner will be needed:
Personal Information Protection and Electronic Documents Act (PIPEDA)
If you answer “yes” to the following question, PIPEDA will apply, and a Consent Banner will be needed:
Quebec Law 25
If you answer “yes” to the following question, Quebec Law 25 will apply, and a Consent Banner will be needed:
California Privacy Rights Act (CPRA)
If you generate over $25 million per year in revenue, or you answer “Yes” to any of the questions below, then you will need an opt-out consent banner for CPRA coverage:
Virginia Consumer Data Protection Act (VCDPA)
If you answer “Yes” to any of the questions below, then you will need an opt out consent banner for VCDPA coverage.
Colorado Privacy Act
If you answer “Yes” to any of the questions below, then you will need an opt-out consent banner for Colorado Privacy Act coverage.
Utah Consumer Privacy Act (UCPA)
If you generate over $25 million, or answer “Yes” to any of the questions below, then you will need an opt-out consent banner for UCPA coverage.
Connecticut SB6
If you answer “Yes” to any of the questions below, then you will need an opt-out consent banner for Connecticut SB6 coverage.
Texas Data Privacy and Security Act (TDPSA)
If you answer “Yes” to the question below, then you will need an opt-out consent banner for TDPSA coverage.
Oregon Consumer Privacy Act (OCPA)
If you answer “Yes” to any of the questions below, then you will need an opt-out consent banner for OCPA coverage.
Indiana Consumer Data Protection Act (ICDPA)
If you answer “Yes” to any of the questions below, then you will need an opt-out consent banner for ICDPA coverage.
Where can you get a cookie consent banner?
Now that you know what laws require websites to have a cookie consent banner, you are probably wondering where you can get one for your website. The Termageddon/Usercentrics integration means that all Termageddon accounts include a cookie consent banner that you can enable right from your license.
