LOKKER Consent Verification identifies potential compliance issues

LOKKER released Consent Verification, a new tool in LOKKER’s Privacy Edge Platform that gives businesses a simple way to check whether their consent banners are properly configured and working correctly.

LOKKER’s recent research found that more than 90% are not. This is particularly important as many new state and federal privacy laws now require the ability for consumers to either opt in or opt out of their data being shared with third parties and trackers on their websites.

Websites are increasingly adopting consent management as one of the main tools for their privacy compliance. However, while LOKKER’s research found that 67% of companies have a consent banner, most consent management tools are not designed to address real-time changes in the ad tech ecosystem. As a result, oftentimes they are not blocking what the companies may think, potentially putting them at risk of a privacy violation.

Specifically, LOKKER’s research found that over 90% of websites had serious issues: they load cookies and trackers before any interaction is taken with the consent banner, tags are miscategorized or missed altogether, and ad tech is often served even after a user selects “Reject All.”

On average, 33 cookies load before any consumer interaction with the consent banner, according to LOKKER’s research. This is a significant problem as consumers believe their data is not being shared until they provide their permission (with the exception of “Strictly Necessary” cookies and scripts).

“The underlying problem is stopping unauthorized data collection on websites. Consent management is just one tool in that process, but few consent management tools stay up to date with near daily changes that occur to the ad tech and third parties utilized on most websites. The result is that businesses often are out of compliance,” said Ian Cohen, CEO of LOKKER. “There’s no way to track and defend against this without more advanced tools. Consent Verification helps organizations identify issues before they lead to larger issues.”

LOKKER’s research also found several other concerning trends in the current consent management process. LOKKER’s Consent Verification examines the three most common user states when encountering a consent banner – accepting all, rejecting all, or a consumer not interacting with the consent banner at all. LOKKER analyzes the implications of each scenario, and provides answers to the following key questions:

• What cookies, trackers, and tags are active on a website in each user state (reject, accept, no interaction)?
• Where are they located (on which web pages)?
• Did anything load on the site that should have been blocked, given the reject state?
• Are there tags, pixels, or other trackers loaded on the site that weren’t surfaced in the consent banner?
• What tags are piggybacking (that appear on the site but aren’t placed on the site by the website owner)?

LOKKER’s Consent Verification helps companies determine whether or not their consent management is working as it should. This is also a critical piece of compliance with new and emerging privacy laws. For example, some new laws, such as the Washington My Health, My Data Act, require an opt-in for data sharing, not an opt-out. Improper consent tool configuration can leave companies and their visitors vulnerable.

Consent Verification provides users with an easy way to verify if they are in compliance or at risk of potential significant financial and reputational damage so they can take appropriate action.