Connecting the dots on: cookie consent

December 1, 2021

Activity around cookie consent has been steadily ramping throughout Europe, with DPAs and privacy activists scrutinizing the effectiveness of consent in protecting user privacy.

From dark patterns in cookie banners to depositing non-essential third-party tracking cookies on users’ computers without consent, cookie behavior is the target of recent regulatory guidance, enforcement, and ecosystem activity.

Download our timeline to get an overview of the last six months of cookie consent activity.


May 2021: Noyb announces GDPR “draft” complaints focused on dark patterns in cookie banners (noyb)

June 2021: Google makes commitments to the UK’s ICO and CMA and delays deprecation of third-party cookies (AdExchanger)

July 2021: The California Attorney General backs Global Privacy Control (Digiday)

July 2021: A German DPA cracks down on improper consent practices: “Consents on websites of media companies are mostly ineffective”  (LDI)

July – Aug 2021: Amazon faces major GDPR fine for lack of proper consent, exposing cracks the the consistency of how regulations are applied (Bloomberg)

July 2021: Italian DPA issues cookie guidelines. (Garante)

July 2021:  CNIL issues formal notices to 40 organizations for failure to allow users to refuse cookies as easily as accepting them (CNIL)


29 July 2021: CNIL fines Le Figaro for dropping cookies before consent: their first such action against a publisher (CNIL)

Aug 2021: Noyb files the approx. 400 GDPR complaints against entities who didn’t correct their practices to their satisfaction (noyb)

Aug 2021: Malta issues cookie guidelines (IDPC)

2 Sept 2021: Irish DPC levies €225 million fine against WhatsApp for only relying on terms & conditions for consent (IAPP)


6 Sept 2021: UK’s ICO urges G7 counterparts to engage in cookie banner reform, including the idea of “meaningful” consent (ICO)

23 Sept 2021: Facebook announces they will finally display their own CMP to users on Facebook and Instagram (Adweek)

17 Sept 2021: The Finnish Transport and Communications authority, Traficom, publishes a revised guide to cookie usage (Traficom)

25 Sept 2021: EDPB sets up a task force for European DPAs dedicated to harmonizing consent banners for the deposit of cookies. The task force will also be responsible for coordinating responses to the 422 complaints lodged in August by Noyb (EDPB)

As data controllers, publishers are realizing that they aren’t only responsible for their own behavior, but also the actions of their partners and third-party vendors on their channels. More than ever, publishers will be required to invest in resources to monitor their properties for illegal behavior and downstream risk.

Want to learn about how Sourcepoint can provide privacy protection for your organization? Discover DIAGNOSE, our compliance monitoring tool. Schedule a demo today.

Latest Blog Posts

Vermont Data Privacy Bill Is Vetoed

June 17, 2024

Vermont Governor announced his veto of a bill that...

You Are Who You Work With: Cookie Consent and Data Privacy

June 11, 2024

Who you work with for consent management and data...

Texas AG Prepares for “Aggressive Enforcement” of Privacy Laws

June 10, 2024

Texas Attorney General announced a data privacy and security...

Latest White Papers

Benchmark Report: US Privacy Compliance

August 19, 2022

The current state of publisher compliance with CCPA, and...

Ebook: A Publisher’s Guide to Vendor List Curation

December 16, 2021

How to review your vendor list to mitigate compliance...

Keep in touch

Sign up for our newsletter to keep up with privacy news for adtech and martech,
plus occasional company news.

Let's explore what we can do together.

We'll be in touch within 48 hours

[contact-form-7 id="593" title="Schedule a Demo"]