I like my job – it\u2019s not curing cancer, or putting a person on the Moon (I wish!) but creating websites is positive & rewarding. The dream of the web is ease of access to information for all; freeing us from the tyranny of geography. So when I see something that gets in the way of that, I\u2019ll speak up.<\/p>\n
A brief history of cookie banners<\/h3>\n
I\u2019m going to save you the full history lesson here in terms of electronic legislation and simply say this: websites that do any kind of \u2018tracking\u2019 etc (which is often invisible to users) are increasingly becoming frowned upon in legal circles. Put another way, websites can no longer assume<\/em> that anything goes with their website visitors – they need to be more honest and upfront about what data is being collected, and why.<\/p>\n And this may well mean the website needs to ask for consent<\/em> from the website visitor before it does certain things.<\/p>\n To address this visibility issue, legislation increasingly means that websites need to tell visitors what they are doing via \u201ccookie banners\u201d – e.g.<\/p>\n Fig 1 – a simple cookie banner<\/p><\/div>\n When we visit a site we\u2019ll often see a pop-up similar to Fig 1 telling us about \u201ccookies<\/em>\u201d etc.<\/p>\n It\u2019s been good form to warn people about what cookies a website issues for a while. And more recent legislation such as GDPR takes this a step further & says that certain cookies need consent<\/strong> from the website visitor before<\/em> you can set them.<\/p>\n To enforce that, you\u2019ll also see more complex cookie banners like this:<\/p>\n Fig 2- a more complex Cookie Banner<\/p><\/div>\n Services like Google Analytics, Facebook Pixel etc all fall into the category of requiring<\/em> consent under GDPR (& others) – which means we have to get EU website visitors to actively agree to their usage. As these services are used by a lot of websites, this goes towards explaining the ubiquity of cookie banners.<\/p>\n Some websites stick their heads in the sand and carry on regardless – ignoring GDPR\/CCPA etc, ignoring asking for consent etc. And I do sympathize a little with this \u2018approach<\/em>\u2019 as the legal landscape is hugely complex here, & ever-changing.<\/p>\n It\u2019s almost as if some businesses are waiting to see how things pan out, what fines are handed out etc, before making moves.<\/p>\n I\u2019ve also seen consent type cookie banners which don\u2019t actually do anything. Click YES, or click NO – it doesn\u2019t matter! Google Analytics & Facebook Pixel etc will keep running regardless!<\/p>\n Why does this happen? I honestly think in many cases this is not<\/em> a deliberate attempt to deceive website visitors. It\u2019s more a case of:<\/p>\n \u201chey! Do we need one of those cookie banner things on our site?<\/em> The thing is, compliance is much more complex than simply installing a cookie banner. To ensure compliance, you need a deeper assessment of all the services your website uses (which will always be more than you initially think), and how it stores personal information etc. You also need to consider your overall business practices as well – compliance is not just restricted to your website.<\/p>\n In many cases, legal advice needs to be sought to clarify how GDPR\/CCPR etc affect your website (& business).<\/p>\n For many websites, this will ultimately mean:<\/p>\n As you see, this is a lot more work than just installing a cookie banner plugin.<\/p>\n …there is an alternative to this though:<\/p>\n I struggled with how I wanted to handle cookies etc on this website.<\/p>\n I tried out a few services (partially as part of investigations into what may<\/em> be applicable for other clients), but I wasn\u2019t particularly happy with any of them.<\/p>\n In short: I simply did NOT want Glass Mountains website visitors having to interact with such a cookie banner; being distracted & confused by them. A core principle of Glass Mountains is trying to guide clients through the highly complex & jargon-laden website world – so cookie banners etc were at odds with our values here.<\/p>\n And, at this point, I had an epiphany:<\/p>\n I decided to be brutal with any<\/em> service running on our site, and if it potentially needed a cookie banner (or worse, ‘consent<\/em>‘!), it was going to be removed from the site.<\/p>\n No tracking services – no problem!<\/p>\n Removed from the site include:<\/p>\n In fairness, I\u2019d forgotten some of those were running (ahem!) and I\u2019m sure this happens to a lot of business: you install something on your website, and then promptly forget about it.<\/p>\n Some of the services I\u2019d played with – eg Facebook Pixel. Now, this would<\/em> require consent, but as I don\u2019t really advertise on Facebook etc, this was not massively important to me.<\/p>\n Google Analytics was a slightly different story<\/p>\n I\u2019m pretty sure I\u2019ve been running Google Analytics on our websites for 15 years. It always felt comforting to have it in the background: silently making notes on all website visits.<\/p>\n I would go in occasionally & examine big picture trends of traffic: especially top content, and landing pages. But was my business steered by it day by day? No.<\/p>\n The issue for me was twofold:<\/p>\n Whilst there are supposedly methods you avoid the consent issue with Google Analytics, I felt it was time we parted company.<\/p>\n This is a tough decision as it\u2019s very much the end of an era, and it\u2019s a definitive decision – once you switch it off; it\u2019s off. You get a hole in your Google Analytics data which you can\u2019t backfill.<\/p>\n However, when I weighed the reality that I did not religiously monitor GA (for good or for bad!), and that my business was obviously thriving quite happily without it, I realised I could make the break.<\/p>\n Instead of Google Analytics, we are now running two things:<\/p>\n Jetpack is the swiss army knife WordPress.com plugin which has a treasure trove of features for your website. It has built into basic analytics, so that is useul.<\/p>\n However, I wanted something a little bit more featured, so I turned to Plausible.io<\/a> – it’s a paid product (good, it’s important they have a business model!). And yes, it’s nowhere near as complex and featured as Google Analytics, but that suited me down to the ground.<\/p>\n Well, no, it’s not the end, Keeping a close eye on your website and making sure it’s compliant etc is an ongoing task.<\/p>\n Should I be showing a cookie banner anyway? Maybe. Because we use CloudFlare and they issue a CFID cookie. However, that is not for tracking purposes – and CloudFlare are deprecating it soon anyway<\/a>. So I’m going to turn a blind eye as I think we are actually doing the right thing. I think there may be a TypeKit plugin lurking somewhere as well, I’ll find that and remove it.<\/p>\n I’m not saying what I’m doing here is 100% right or 100% bulletproof – but it works for me. And it’s a step in the direction I want to (and want the web to go).<\/p>\n Joel<\/p>\nThe Invisible Cookie<\/h3>\n
![\"Fig](\"https:\/\/www.glassmountains.co.uk\/wp-content\/uploads\/2021\/01\/Screenshot-2021-01-21-at-21.09.25-1024x84.png\")
![\"Fig](\"https:\/\/www.glassmountains.co.uk\/wp-content\/uploads\/2021\/01\/Screenshot-2021-01-21-at-21.06.51-1024x275.png\")
Head in the Sand<\/h3>\n
The Henry Ford version of a Cookie Banner<\/h3>\n
\n\u201cMaybe! I\u2019m sure there is a WordPress plugin for this – shall I install it?\u201d<\/em>
\n\u201cSure!\u201d<\/em>
\n\u201cOk, installed – there it is on the website! We rule!\u201d<\/em>
\n\u201cGo us!\u201d<\/em><\/p>\nLegal Eagles<\/h3>\n
\n
Behold! The Naked Website!<\/h2>\n
Ditch it all<\/h3>\n
\n
Google Analytics<\/h2>\n
\n
Alternative Analytics<\/h2>\n
\n
The End<\/h2>\n