[edbloom]

Very interesting. I see lots of hate to CMP's here in the comments (which as an EU consumer I totally get) but I have to ask, what's the alternative? CMP's seem like the least worst solution right now (I'm sure we can debate lots of potential better alternatives that could be baked into the browser - which is where I think this will eventually end up).

CookieBot are probably one of the better CMP's I've used, but I'm surprised they haven't yet implemented full EU isolation - which surely is the short term solution here. Fathom have written extensively about their work on EU isolation which I think is very relevant here https://usefathom.com/features/eu-isolation

[alkonaut]

Why is this even a service that needs to be offloaded to a third party? Implementing this properly obviously requires a ton of work, and no site is going to be able to dodge it by simply putting a banner service in front.

Using these automated services that pretend to "automatically" block various categories of cookies is also a ripoof. They use simple keyword searches and similar to try to establish whether a specific script is used for statistics, preferences, etc.

A properly implemented banner (i.e. hand-crafted for the site, and obviously updated each time any script is updated) would be pretty expensive to create and maintain. But if one doesn't see that as one of the key purposes of the law (i.e. push web sites towards using fewer of them because the technological and legal overhead is costlier than whatever the gain is) then I think it's being read a bit naively.

[luckylion]

I agree that CMPs are better than everybody rolling their own solution (lots of time wasted by developers and lawyers).

However, CookieBot is terrible imho. They delay page load by about a second (!) because their APIs are so slow. Their tech is incredibly fragile, if their crawler has an issue and doesn't crawl your page completely, they'll silently (!) remove all cookies from the consent and leave you completely non-compliant until the next successful crawl (crawls take hours to days and are automatically done once a month). Their support has a response time of 3-5 business days (!) for commercial users and consists of people who barely know the product and definitely don't know anything about web tech.

I don't have a favorite vendor in that market, but CookieBot is definitely the worst one I have worked with.