Ditch the cookie consent banner once and for all!

If you've browsed the web at some point since 2018, you have most certainly seen one of these:

Cookie consent banners and popups are the most common tools used by websites in order to be compliant with user privacy laws and regulations. Since GDPR has started being enforced in 2018, these banners have started appearing up all over the web.

For some, it's considered a nice gesture that shows you are transparent and flexible about the type of information you collect on your users, just like GDPR intended it to be.

But for most people, cookie consent notices are just another form of popup that pesters them in their online activities. And for some visitors, that additional hindrance preventing them from accessing the content may just be the straw that broke the camel's back — making them leave your site and go to another one instead.

Luckily, there is actually a legal and ethical way to ditch the cookie consent banner on your site. As a bonus, it might also make your site load faster.

Intrigued? Well, if you care about your users privacy and experience on your site, then you are very right to be!

Let's get rid of that awful notice, shall we?

‍

All you need to know about cookie laws

Although they are often called "cookie laws", these legislation aren't trying to combat cookies themselves.

The main goal of cookies laws is to prevent websites and advertising platforms from tracking users and collecting information about them without their express consent.

For example, a company like Facebook or Google cannot on its own track your activities outside of their own platform. However, if they can convince other people to include a data collection script on their website, then they can collect a bit more data for each additional website they convince. The more websites participate in this, the more data they can collect and infer. This is how a big chunk of the web's data collection happens. This data collection technique often requires the presence and usage of cookies from those third-party companies (hence: third-party cookies).

While this type of behaviour is common, most people are not aware or informed that this is happening when they open a website on their phone or laptop. Cookie laws aim to make this type of activity more transparent and user-centric by requesting that a visitor decides whether they want third-party cookies to be used or not.

As you can see, all we've talked about so far are cookies from third-parties, advertisers and other such sources.

That's because this is the main focus of cookie laws.

The only other part of this you need to know about is that some cookies are exempt from the restrictions imposed by these laws. This means that if your website or app only uses exempt cookies, you don't need to display a cookie-consent banner or popup!

All you need is to explain how you use cookies in your privacy policy, and to make that policy easily accessible from any page!

What are exempt cookies?

There are two categories of cookies that are considered exempt:

• Cookies whose sole purpose is to ensure good communication over a network;
• Cookies that are essential for the service requested by the user.

A good example for the first exemption is a cookie identifying which server is responsible for your requests when your app or website is under a load balancer. If you have no idea what that means, that's fine: it's the second exemption that matters to most people.

The second exemption allows for any necessary cookies, trackers or local storage required for your app or website to work.

This means that you are allowed to use cookies to...

• remember a user's theming or language preferences;
• maintain a user's session after they logged in;
• keep track of which items are in the visitor's cart;
• etc.

In short, anything that is required for the features of your app or website to work likely falls under the category of exempt cookies.

This is a fair and flexible policy, but it is not to be exploited.

For example, you cannot decide that a Facebook Pixel or a Google Analytics script is required for your app to work just because it provides you with data that might help you improve it. The same goes for user session replay or behaviour analytics tools like Hotjar: they are useful for you, but not necessary for the features to work.

‍

How can I check if my site uses cookies?

Cookies are visible on your browser, so they are easy to detect.

However, it's important to note that the cookies your website or app uses may differ from page to page, or depending on the actions you've taken on the website. For example, payment-processing related cookies may not be set until you actually start the check out process. You should therefore check most if not all of your website's pages to get a complete understanding of the cookies you're using.

With that out of the way, let's see how you can find out which cookies are stored on your computer when visiting your site or using your app.

Use a cookie scanner

For non-technical users, the easiest way to know which cookies are used on your website is to use a cookie scanner.

The best one we tried was Cookieyes's cookie scanner: it has a simple interface, groups your cookies by category, and is pretty speedy!

Side note: ironically, every cookie scanner we tried had a cookie banner, and most of them worked in an "opt-out" fashion. That means they actually set and used cookies before getting your consent. Not great.

Use your browser's developer tools

For developers or tech-savvy folks, cookies are always just a few clicks away.

Simply navigate to your website, and open up your browser's developer tools. Depending on your browser, the location of the cookies differs:

• On Chromium browsers, they appear under "Application > Cookies > yourdomain.com".
• On Safari and Firefox, they appear under "Storage > Cookies".

‍

How can I get rid of non-essential cookies?

Now that you know which cookies are used on your website, you can start getting rid of your non-necessary cookies.

Here are the steps you can take to remove all non-essential cookies from your website (and finally get rid of that cookie consent banner!).

1. Audit your cookie usage

The first thing you need to do is figure out which cookies come from what sources.

Although the name of a cookie often hints at its source, sometimes you just can't tell the source just from the cookie itself. In these situations, you can usually find more information about where a cookie comes from by simply copy-pasting its name into your favorite search engine.

If the search results don't lead anywhere, then perhaps the cookie comes from your own website's code. If you're not a developer, you should ask your website's developer(s) about the cookies to know where they come from.

2. Remove tracking scripts

As we talked about before, third-party tracking scripts are one of the main sources of non-essential cookies.

Replacing your existing analytics solution by an ethical and privacy-friendly alternative is definitely the way to go about this. Not only will this provide more privacy for your users, but it will likely speed up your website as well.

We recommend you check out Plausible (which we use here at Koalati) and Fathom. They are both great privacy-friendly analytics services that are cookie-free and that boast incredibly lightweight tracking scripts.

3. Switch to cookie-less advertising

Just like tracking scripts, advertising often comes with a bunch of cookies. And as you might have guessed, advertising is not considered necessary for your users.

There are a few cookie-free advertising platforms out there, but we cannot recommend any one of them at this point as we have not tested them ourselves.

However, this is a niche that is likely to get more popular in the future, so if I were you, I would keep my eyes peeled for new privacy-focused ad platforms.

Alternatively, you can also try to find partners or sponsors for your website or app in order to replace conventional advertising. This requires a lot more work on your end, as you have to find interesting companies and negotiate them in order to get a worthwhile deal for both parties. On the bright side however, this does lead to much more intentional promotion for your users, as you can pick the partners that best match your audience's interests and needs.

4. Remove other scripts and embeds that use cookies

When using external scripts and embedding external content on your site, you often end up with cookies from these external sources.

If you cannot disable the usage of cookies in the settings for these scripts and embeds, we recommend finding a privacy-friendly alternative (or simply removing the embeds if they do not provide much value to your visitors).