2023 Privacy Barometer

04/04/2023 |

We’re back with the 2023 edition of the Privacy Barometer based on almost 700 consent banners displayed by our customers! Discover the results on this year’s infographic below.

Click here to compare with the results of the Privacy Barometer 2022

Below, a freely translated article from GlobalSecurityMag:

Privacy Barometer 2023 by Commanders Act

Consent Offering is a Legal Obligation, Optimization is a Business Goal

Consent is first and foremost a legal requirement for advertisers, who must seek permission from each visitor/user when personal data may be collected. A high consent rate serves purposes such as analysis, visitor segmentation, and data activation—a key marketing and commercial challenge for advertisers who must adapt to their audience.


1. Make the Choice Visible

This choice must be made in an informed manner, beginning from the visitor’s arrival on the site.
An “informed choice” means a clear choice: the use of the data and the scope of the consent must be clearly explained. Access to consent and refusal must be equally simple, whether it concerns one or multiple uses and partners.

Most visitors now clearly understand the stakes around their personal data. However, they may be more willing to consent if they trust the company. The first step is not to make the process harder than necessary. So the banner must be visible to all. A thin, nearly invisible strip at the bottom of the page won’t encourage action.

➡️ The banner’s visibility should take the form of a clear pop-in, allowing the visitor to make a choice effortlessly.


2. Legality, Simplicity, and UX

The CNIL (French data protection authority) requires that users’ choices be easy to make. This means that if the “Accept” button is accessible in one click, the “Refuse” button must also be accessible in one click. However, the size and design of these buttons is not strictly regulated since CNIL has not specified rules here. This means, for example, that the “Continue without accepting” button can be smaller than the main options.

➡️ A balance must be found: the “Refuse” button shouldn’t be hidden, but the “Accept” button should appear more appealing.

Most clients place the “Continue without accepting” button in the top right corner. Visitors are now used to looking there. The recommendation is to place this button after the explanation of options and partners’ data use.

➡️ Placing the button in an unexpected location may prompt a more conscious choice by the user, breaking habits and potentially improving consent rates.

As a user, the more data an advertiser wants to collect, the more likely negative feelings arise.

➡️ To counter this, companies can group consent requests to avoid repeatedly asking users for consent.


3. Brand Identity

Since the consent banner usually appears over a grayed-out overlay on top of the site, visitors may struggle to recognize which site they are on. As a result, they may more frequently choose to refuse, unsure of whom they are dealing with.

➡️ Including the brand’s logo in the banner helps build trust by clearly identifying the site collecting the data. The logo becomes a symbol of transparency and reassurance.

Honesty leads to better results—especially on mobile where space is limited and the pop-in covers the entire screen.


4. Innovation is a Prerequisite for Full Optimization

As always, innovation brings benefits: trying new approaches leads to progress, and this applies to consent rates too. Over time, consent rates can even erode. Given the legal framework, companies must innovate—change layouts, try new buttons, colors, and placements.

If you need to prioritize your team’s efforts, focus on what comes after. Often overlooked post-implementation, the real question becomes how to encourage users to click “Yes” or avoid clicking “No.”

Closing the banner doesn’t mean the end of consent opportunities. Additional consents can be collected afterward.

For instance, in-page banners can replace videos, encouraging users to accept cookies to view the content. This can lead some users back toward opt-in.

➡️ Changing “Continue without accepting” to “Accept and close” offers a new choice and reassures users they can close the banner—an often underestimated form of innovation.


5. User Experience (UX)

UX is a specialized field with its own best practices. On mobile, consent is given via finger taps.

➡️ So if the “Accept” button is placed at the lower-right edge of the screen, it fits the natural ergonomics of the (mostly right-handed) thumb.

Note that user experience is as diverse as users themselves, and should be fine-tuned with internal teams, vendors, and consultants to make the consent process as natural and comfortable as possible.


6. Media and Cookie Walls

In the media sector, cookie walls (banners without a direct “refuse” option) are common. Some actors require users to log in, create an account, or subscribe to access the site or to be able to refuse cookies.

This practice has faced criticism in some countries, but after discussions between GDPR enforcement bodies and lawmakers, it has been accepted—and delivers impressive consent results, despite bounce rates.


What Next?

Consent is now widely understood by stakeholders, but real maturity will be reflected in data governance—how companies visualize and control data flows.

The next stage of GDPR will include tools to ensure that consent is respected over time.

As data becomes more central to business strategy, personal data protection becomes just as important to customers. Consent banners can then be seen either as a barrier—or as an opportunity to empower users and uphold their choices.