Cookie Block corrects GDPR violations in the browser
Cookie Block is a new browser extension developed at the Swiss Federal Institute of Technology Zürich that corrects GDPR violations on the client site by removing cookies.
Most websites display cookie consent banners when they are visited for the first time in a browser; this also happens again when cookies are cleared in the browser. Researchers at the Swiss ETH analyzed violations and discovered that 94.7% of the analyzed sites violated GDPR, including:
- 82.5% of all sites had at least one undeclared cookie.
- 69.7% of all sites assumed a positive consent response before it was given by the user.
- 25.4% were unclassified.
- 21.3% ignored user choices.
- 13.5% had incorrect expiries.
- 8.2% had the wrong purpose.
Only 5.3% of all analyzed sizes had no GDPR violation, the majority had two or more violations.
Cookie Block was created to fix these GDPR violations in the user's browsers. Unlike extensions such as Auto Cookie Optout, Never Consent, or Vivaldi's built-in handling, it is not dealing with cookie prompts that users see on sites automatically. The extension deals with the cookies that sites write to the browser storage to correct validations on the client side. With the vast majority of sites in violation of GDPR, cookies are placed on the user's system that should not be there at all or are otherwise in violation, e.g., because they have been misclassified or had an incorrect expiry date.
Cookie Block uses machine learning to deal with cookies that are in violation. The extension classifies cookies by purpose and deletes those that the user rejects. More than 90% of privacy-invasive cookies are deleted automatically when using the extension according to the researchers.
The cookie identification model comes close to human expertise, and beats it sometimes. The researchers compared its performance to that of the Cookiepedia repository, a large database of pre-categorized cookies. The extension's performance resembles that of the manual classification in all four cookie categories (necessary, functional, analytics, and advertising).
The extension is available for Google Chrome, Mozilla Firefox, Microsoft Edge and Opera. It will install in most Chromium-based browsers, including Brave and Vivaldi, as well. The developers note that there won't be a version for Apple's Safari web browser because of technical restrictions.
Cookie Block accepts necessary and functional cookies by default, and will remove functionality, analytics and advertising cookies automatically using its own algorithm that runs on the client. Users may change the default configuration by opening the settings of the extension.
Strictly-necessary cookies are permanently enabled, but all other cookies may be enabled or disabled in the preferences. Users may enable the cookie history feature furthermore which uses a local history to improve the accuracy of the classifier. There is also a slider to change the bias for necessary cookies. Setting it to a higher value may reduce site breakage but may decrease overall accuracy and reduce privacy.
Individual sites can be added to an exceptions list; this is useful when a site does not function normally after installing Cookie Block. Lastly, users may clear the local cookie history and have all cookies that are stored currently categorized and those rejected by user policy removed from browser storage.
The extension does not prevent the setting of cookies, but it will delete cookies immediately afterwards based on user policy settings. By default, all advertising, tracking and analytics cookies are removed based on the extension's detection model and not the website's or service's classification.
Cookie Block should work with most browser extensions, including extensions that react to cookie consent banners automatically. The extension works in the background, analyzing and removing cookies based on its own classification of them. No data leaves the local browser according to the developers.
Cookie Block is a powerful browser extension that deals with the majority of cookies set due to GDRP violations automatically.
Now You: how do you handle cookie consent banners and cookies?Advertisement