What Is a Cookie Wall?
A cookie wall is a barrier that prevents users from accessing your website until they agree to accept your cookie usage.
Cookie walls hide all of the site’s content and links until you accept cookies en masse. If you don’t accept, you can’t use the site. Period. There is no way for you to provide or deny consent to specific types of cookies, and many cookie walls don’t even tell you what types of cookies are involved.
In the strict sense of the term, a cookie wall enables the user to provide consent for deploying tracking cookies. However, it’s a bit of a ham-fisted and unfriendly way to do so.
And as it happens, cookie walls violate not only the spirit but also the letter of some data privacy regulations.
Why Did Cookie Walls Originate?
First, we had paywalls: Certain website owners, who believed that people would pay to access their content, implemented features that prevented visitors from accessing the site (or parts of the site) until payment was rendered, either as a one-time payment or an ongoing subscription.
It turned out that most people don’t want to pay for content on the internet. You still see paywalls, mainly on major news media sites, but many site owners didn’t realize the revenue stream they were anticipating and turned to other ways to monetize their content.
One way to do so is with tracking cookies, which collect site visitor information that could be sold to marketing and advertising businesses. Tracking cookies were delivered on the sly, with most users blissfully unaware that their browsing habits, search history, and more were being collected and sold.
It turned out that most people don’t like that either, and many jurisdictions worldwide prohibit tracking cookies without the site visitor’s consent.
So now we have cookie walls.
Are Cookie Walls Legal?
Europe’s GDPR, in particular, is quite clear on this point. For consent to be valid, it must be:
- Voluntarily given
- Informed
- Granular
- An explicit indication of the user’s wishes
- Revocable
The European Data Protection Board (EDPB), the body that oversees the interpretation and enforcement of the GDPR, has further clarified that sites cannot make access contingent upon giving consent for all cookies; such “consent” is not voluntarily given and is not granular, and therefore violates GDPR.
Not all data privacy regulations address the cookie-wall issue, but any site that does business with European visitors must comply with GDPR, so it’s a good idea to be compliant.
Ditch Cookie Walls for Cookie Banners
A better way to elicit consent is with a cookie banner, such as those provided by Enzuzo's data privacy management tools. A cookie banner doesn’t hide the site’s content and enables the user to provide or deny granular consent for each type of cookie. In the background, the consent management system keeps track of each visitor’s cookie preferences and enables visitors to change their minds later.
A proper cookie banner not only complies with data privacy regulations, but builds trust with site visitors. Tear down the (cookie) wall!