Why Those Banners Started Appearing

Recently, almost every website displays a banner asking "Do you consent to the use of cookies?" Honestly, many people find them annoying. But the reason these banners suddenly appeared across websites worldwide traces back to a European law.

GDPR - A European Law That Changed the World

In May 2018, the GDPR (General Data Protection Regulation) came into effect in the EU (European Union). This law imposes strict rules on the collection and use of EU citizens' personal data, with penalties of up to 4% of global annual revenue or 20 million euros, whichever is higher, for violations. For a broader look at how different countries regulate personal data, see our overview of global privacy laws.

The GDPR requires "explicit consent" for the collection of personal data, including cookies. In other words, tracking cookies cannot be placed unless the user says "yes."

Why Japanese Websites Show Them Too

The GDPR applies to all companies that handle EU citizens' data. Even Japanese websites need to comply with the GDPR as long as there's a possibility of access from the EU. For globally operating companies, displaying consent banners to all users regardless of region is simpler than implementing region-specific logic, which is why banners ended up appearing on websites worldwide.

There Are Different Types of Cookies

Consent banners target some cookies but not others.

  • Strictly Necessary Cookies: Cookies essential for basic site functionality like maintaining login status and managing shopping carts. Can be placed without consent
  • Analytics Cookies: Cookies used for access analytics like Google Analytics. Require consent because they track user behavior
  • Marketing Cookies: Third-party cookies used for ad tracking. Require the strictest consent because they track users across multiple sites
  • Functional Cookies: Cookies that enhance user convenience, such as remembering language settings and themes. Consent is recommended

Is It OK to "Reject All"?

Even if you select "Reject All" on a cookie consent banner, the site's basic functionality still works. Since strictly necessary cookies can be placed without consent, login and cart features continue to operate.

However, there may be some effects.

  • You may need to log in every time you visit (if session cookies aren't saved)
  • Language and theme settings reset each time
  • "Recommended" and "Recently Viewed" items may not appear

If you value privacy, a balanced choice is to reject analytics and marketing cookies while allowing only strictly necessary and functional cookies.

Dark Patterns - Design Tricks to Get You to "Consent"

Some sites use designs that make it difficult for users to reject cookies (dark patterns).

  • The "Accept All" button is large and prominently colored, while "Manage Settings" is small and inconspicuous
  • Rejecting requires navigating through multiple settings screens
  • There's no "Reject" button - only "Accept" or "Manage Settings"
  • Closing the banner is automatically treated as "consent"

EU data protection authorities have begun cracking down on these dark patterns as GDPR violations. In 2022, France's CNIL fined Google 150 million euros. One of the reasons was that the cookie rejection process was more complex than the consent process.

Summary

Cookie consent banners spread worldwide because of the EU's GDPR. They may feel annoying, but they're a mechanism to protect your online privacy. Instead of mindlessly clicking "Accept All," consider at least rejecting marketing cookies. IP Check-san uses only the minimum necessary cookies.

Related Terms in This Article

Cookie Small pieces of data that websites store in your browser. The primary target of consent banners. IP Address Under the GDPR, IP addresses also qualify as personal data. Browser Fingerprint Even if you reject cookies, tracking via fingerprinting requires separate countermeasures.