Many websites may be ignoring users’ cookie preferences when they click “reject,” according to new investigations by privacy researchers. Despite GDPR and other privacy regulations requiring websites to honor user consent choices, multiple studies found companies continue tracking users regardless of their selections.
Analysts suggest this occurs through technical loopholes where websites either delay implementing rejections or use alternative tracking methods. “The ‘reject’ button often serves as theater rather than actual privacy protection,” said one researcher familiar with the findings who requested anonymity due to ongoing litigation.
European regulators have fined several major tech companies for non-compliance with cookie laws, but enforcement remains inconsistent. Privacy advocates argue the current system places too much burden on users to protect themselves.
Looking ahead, experts predict increased regulatory scrutiny and potential browser-level solutions to enforce cookie preferences more reliably across all websites.