Evolving Cookie Landscape and Consent Management

In June 2021, Google announced its 2023 plans regarding third-party cookies. Google has been testing several alternatives to the use of third-party cookies that can display personalized advertisements to users and enable cross-contextual behavioral advertising without collecting their personal data or tracking them. These alternatives include Privacy Sandbox, FloC, and recently introduced Topics.

We earlier examined that even without using third-party cookies, websites will still be required to adhere to certain privacy principles. Various alternative techniques to the use of third-party cookies and similar tracking technologies allow identification and re-identification of users and build their profiles with the aid of additional data elements, unique identifiers, and other information received by the servers. Therefore, such techniques and technologies are subject to data privacy obligations. These obligations include providing data subjects a notice/banner and obtaining their consent before the processing of personal data.

In the evolving cookie landscape, you need Securiti’s Cookie Consent Management Platform (CMP) because:

• You are still required to display accurate cookie consent banners due to the notice requirement of most privacy laws
• You are still required to obtain the data subject’s consent since there remains the possibility of tracking individuals due to the use of first-party data and various online tracking technologies
• You are still required to display accurate and comprehensive information on consent banners
• You are still required to maintain updated consent records to help you demonstrate compliance.

Securiti’s CMP ensures compliance with the legal requirements in the following manner:

Scanning of tracking technologies

Most cookie guidelines released by data protection regulatory authorities apply equally to cookies and similar tracking technologies that allow reading and storing of the user’s data such as a built-in storage mechanism (local storage and session storage), tracking pixels, and web beacons. Securiti’s CMP scans not just cookies but also these similar tracking technologies.

The scanner detects and categorizes the trackers into default categories of essential, analytics & customisation, advertising, performance & functionality, and social networking cookies where the essential category consists of technologies that are considered essential for the functioning of the website. Once scanning and automatic classification are done, we allow you to inspect the categories Securiti chose for different trackers and adjust them if necessary.

Detection and auto-categorization of first-party cookies

The obligation to obtain consent from the data subject not just pertains to the use of third-party cookies but also first-party cookies. This is because first-party cookies are able to collect an individual’s personal data and may contribute to building their profiles.

Securiti’s CMP can detect first-party cookies and categorize them as either essential or non-essential. This would include detection of any first-party user input cookies, short-term authentication cookies, user-centric security cookies, load-balancing cookies, UI customization cookies such as language and result display preference cookies and first-party analytics cookies.

Initiator path-cookie category configuration

Securiti’s CMP enables you to honor consent via tag manager, auto-blocking and initiator path-cookie category configuration which is not dependent on third-party cookies. The Initiator Path enables you to block trackers when a user chooses to opt-out. When a user opts-out via the cookie consent banner, Securiti blocks those cookies and the trackers’ initiator path automatically.

Leading industry frameworks and regulatory compliance

Securiti’s CMP supports leading and upcoming industry frameworks and regulatory compliance. We allow users to provide freely-given consent and withdraw without any detriment, ensuring compliance with the IAB GDPR framework, GDPR and e-Privacy Directive. Cookie banners are configurable and granular to also allow you to add participating vendors as well as standardized cookie purposes.

Our experts at Securiti continue to closely monitor the legal developments in the evolving cookie landscape, including developments to proposed e-Privacy Regulation, EU Digital Services and Digital Markets Act. We allow you to incorporate changing legal developments and deploy cookie consent banners as per applicable frameworks and laws.

Consent records

Securiti’s CMP keeps an updated and comprehensive audit trail to help you demonstrate compliance. It stores individual consent records, the content the data subject has consented to, consent status (granted, declined, or withdrawn), and timestamps of consent status.

Securiti’s Cookie Consent Banner Solution enables companies to build cookie consent banners in accordance with the applicable legal requirements when collecting personal data for non-essential purposes on digital properties.

Securiti’s Universal Consent Management solution enables organizations to capture users’ consent and facilitate consent revocation for consent-based data processing effectively and automatically. It allows organizations to deploy a preference center to be able to honor consent preferences efficiently.

Ask for a DEMO today to understand how Securiti can help you comply with the applicable legal requirements.