Google is rolling out new cookie popups with "reject all" option in Europe
Google is changing its cookie popups on Google Search and YouTube in Europe. The new cookie banner is rolling out already, and the main change that it introduces is the integration of an "reject all" button to block all non-essential cookies from being set and non-essential data from being collected.
Right now, when you visit a Google-owned Internet site for the first time, you will see the before you continue cookie banner. The banner informs you about the use of cookies on the property. The classic banner has two buttons, one to customize the data collection and the "I agree" button.
Users who want to reduce the use of cookies and data collecting need to select the "customize" option to change the defaults. The "I agree" option gives Google full control over the collecting.
The customize page displays several options, including YouTube History, Search customization, or ad personalization, that can be turned on or off on the property.
Rolling out now in Europe is a new cookie banner that is giving users an easier option to block all cookies except necessary ones.
Google notes in the announcement that this is coming to Google Search and YouTube in Europe for visitors who are not signed-in to a Google account at the time or are in Incognito mode. The rollout has started in France and Google plans to bring the updated cookie banner to all member states of the European Economic Area, the United Kingdom and Switzerland soon (Google did not provide specifics).
The cookie overlay provides details on the use of cookies and the collection of data when users select the reject all or accept all buttons.
According to it, Google will use a base set of cookies and data regardless of the user choice. The data is used to "deliver and maintain Google services, "track outages and protect against spam, fraud and abuse", and to "measure audience engagement and site statistics".
The optional set of cookies and data is only used if the user selects "accept all" or keeps certain options on the customize page turned on. Users who select the new "reject all" button won't have these collected anymore:
- Develop and improve new services.
- Deliver and measure the effectiveness of ads.
- Show personalized content, depending on your settings.
- Show personalized ads, depending on your settings.
Closing Words
Some companies and organizations make it hard for users to reject all non-essential cookies. The introduction of an "reject all" option that is displayed as prominently as the "accept all" button is a step in the right direction.
Internet users have a number of options to deal with cookies and data collecting on their end. They may disable third-party cookies in their browsers, clear cookies regularly, use extensions to bypass and deny cookie prompts automatically, or use different services, e.g., Brave Search instead of Google Search, Invidious instead of Youtube. Extensions like Privacy Redirects help with that automatically.
Now You: how do you handle cookie and data collections on the Internet?
Okay, good to have that kind of option and all, but what the actual Fxxxxk am I supposed to do when the damn accept or reject gets stuck in a click-loop and I can’t move past it no matter if I reject all or accept all ??? . .I legit can NOT get past the dang prompt and it is pissing me off .started using Yahoo search for a while now, and it is much less optimized (no doubt because of all the data google has on people)
I can’t get past this pop up. It’s so very annoying, I can’t open Google maps anymore on any device because it keeps prompting this damn “Before you continue” skit…. If I press reject all, the same option just reloads, if I click accept all, same thing. It’s been stuck on this pop up for about a week and I’m over it… I can’t use it I had to find alternative maps to use.
I used to use this extension for FF https://addons.mozilla.org/en-US/firefox/addon/google-consent/
to block and it worked for some time, but it didn’t work since long ago, also Google’s consent page doesn’t allow me to do anything under the Customize button.
btw thought I was going to try out same extension for Brave
https://chrome.google.com/webstore/detail/consent-popup-blocker/onnimgmpopjkpbnmnjgcfkndeefgkkig
Anyhow, the only thing that annoys is actually all the clicking through to get to Google search or YouTube, they are probably just nudging people into not deleting any cookies.
I don’t think its fully rolled out. I auto delete cookies, and I only get the ‘reject all’ option some days.
@Martin – This is incorrect.
“Right now, when you visit a Google-owned Internet site for the first time, you will see the before you continue cookie banner.”
You can visit the same site many times but if you visit a google site when you “do not have a google cookie already stored on your system ” you will get the banner and every other google popup.
“Avoid cookies by allowing our cookie” is just more legalise bullshit to confuse people.
oh and it is funny how people are probably going to get tracked even more by these popups by interacting with them and analytics and all who does it more etc etc (not mentioning how instead of just use the page right away, you have to stop and actually click on anything), because that’s how Google and other companies on the internet are, that’s how internet was meant to be and it will not change until people don’t realize that Privacy is the little myth and is not compatible with Internet, cookies or not, you are getting spied on anyway.
Imagine believing like an idiot that cookies are the problem of privacy so Google or anyone else should change anything about them because some idiots politicians say it, the same ones get bigger wallets and bank accounts at the cost of the people’s hard work with the ‘legal’ robbery that is taxation.
Funny thing is people usually talking about privacy and are so worried about cookies and installing million extensions and talk about ‘if not open source I won’t use it’, are the same ones you see in reddit, twitter, or even here checking the box “Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy” and they don’t have the problem about it.
Another dumb feature to create the placebo effect I guess about how Google and other companies are ‘protecting you’ because you somehow are rejecting cookies, I mean, browsers already have that feature, all of them, but obviously this was an important day in history /s
One step closer to no longer being an illegal business, but not there yet, Google.
I think that all the cookies should be for the current sesion only. And only for the current sites that are visited, and should be deleted when the page is closed. Thanks for the article! :]
I mostly sandbox but there are some notorious data-suck websites I use regularly, realising the price is surrendering some data. For these I load the browser non-sandboxed, clear ALL data and run a cookie saver (https://github.com/candh). When visiting the site I load the sandboxed browser and import the saved cookie file.
It makes little difference what you do. Canvas fingerprinting has most of us covered. Even with canvas fingerprint defender and WebGL Fingerprint Defender, I score ‘unique’ in this test.
https://coveryourtracks.eff.org/
@Anonymous
> canvas fingerprint defender and WebGL Fingerprint Defender
Hm, you do know that extension behavior is fingerprintable as well, right? And the user base of these extensions is small as heck, so if you are using them to reduce your uniqueness, that is not the way to do it, like, at all.
Some browsers do have built-in defenses that cover both Canvas and WebGL (although there are still other avenues to fingerprint you, these two are often used): Brave Browser, Bromite (Android-only), Firefox with RFP on (better: LibreWolf), Tor Browser
It is advisable to use the built-in defenses of browsers over extensions because the built-in defenses have a bigger user base. Just saying.
Thanks. I hadn’t considered the extensions as a means of fingerprinting.
Tor is a PITA.
Last time I tried FF it gave me too many problems.
Brave I tried during development when it did not support some of the extensions I use. Just now Brave with Bitwarden only results in ‘strong protection’ on the above. I will need to test it later with other extension I use.
First of all, I use a Sandbox for the browsers I have. And even in a session when I not closing only a tab and not the browser I use add-ons such as Auto Cookie Optout, cookie block, self-destructing cookies, and cookie autodelete.
> how do you handle cookie and data collections on the Internet?
// Content blocking category : ‘strict’ or ‘custom’
pref(“browser.contentblocking.category”, “custom”);
// Cookie behavior : block 3rd-party cookies
pref(“network.cookie.cookieBehavior”, 1)
// Cookie lifetime policy — 0=keep until they expire (default), 2=keep until you close Firefox
pref(“network.cookie.lifetimePolicy”, 2);
More cookie specific settings but that’s the basis
Cookies, localStorage, IndexedDB cleanup handled by the Cookie Autodelete extension.
Regarding Google’s new cookie popups for European users,
Device is in France (so am I btw). I haven’t encountered the new popup (yet) which may be related to the fact that I run a userscript named ‘Google Shut Up!’ [https://greasyfork.org/en/scripts/410687-google-shut-up] :
“Remove annoying cookies popup on google and youtube login popup on youtube!”
Nevertheless given I block Google cookies (because not required for the use I have of Google) but not YouTube cookies (because blocking YT cookies appears problematic), I’ve modified the above mentioned userscript to handle only YouTube cookies :
// @include /^https\:\/\/[a-z]*\.(google|youtube)\.[a-z]*/
->
// @include /^https\:\/\/[a-z]*\.(youtube)\.[a-z]*/
I’ve set cookie permission for YouTube to ‘Allow’ (remain after restart) and told the ‘Cookie Autodelete’ to keep only YouTube’s CONSENT cookie : other YT cookies, “YT-localStorage” and “YT-IndexedDB” are wiped as soon as YouTube pages are closed.
That’s about it. The environment is more complex but that’s the basis I guess. Hard to explain neither too much neither insufficiently.
@Tom Hawack
I don’t even keep the YouTube “Consent” cookie like you do. I am not comfortable with keeping any Google cookies around.
What I do is just block the annoying consent pop-ups or full-site windows from Google on YouTube via adblocker:
https://old.reddit.com/r/uBlockOrigin/wiki/solutions#wiki_consent_dialog_popup
You do have uBlock Origin around, right? Then add the applicable filters, problem solved. The consent cookie can the be auto-deleted just like the rest.
Alternatively, one can just use an Invidious instance that is superior to the official YouTube anyway (Tom, you know about this already, posting this for other readers who are intrested perhaps):
https://docs.invidious.io/instances/
@Iron Heart,
Thanks for the tips.
With the above-mentioned script, ‘Google Shut Up!’ [https://greasyfork.org/en/scripts/410687-google-shut-up], I don’t even need to add any dedicated UBO filter. The script handles adding the CONSENT cookie to YouTube. In fact my DnsCrypt blocklist even includes :
consent.google.com # HANDLED BY Google Shut Up! USERSCRIPT
consent.youtube.com # HANDLED BY Google Shut Up! USERSCRIPT
Of course I could NOT set allow cookie for YouTube (just a session cookie), and/or I could wipe all YouTube cookies (CONSENT included) with ‘Cookie Autodelete’ when exiting YouTube.
If I keep the YouTube CONSENT cookie it’s because when no cookie, the script starts and sets the cookie, and that means a half-second blank page before YouTube appears. It bothers me :=)
It bothers me less if I tell ‘Cookie Autodelete’ to keep the CONSENT cookie, but if cookie permission for YouTube is session-only, I have to go through the cookie initialization on every new session.
From there on,
YouTube cookies allowed + ‘Google Shut Up!’ userscript + ‘Cookie Autodelete’ extension
=
All is wiped from YouTube when exiting : cookies except CONSENT & localStorage & indexedDB
The idea is that the ‘Google Shut Up!’ userscript avoids any bother with the YouTube consent popup, as well as with the Google consent popup when applicable. Because what I use from Google (images, maps) runs with cookies forbidden for Google.com … no problematic there (but I must have modified the script otherwise I get an infinite loop when it tries to add the CONSENT cookie when accessing google domains). I had tested a Google service which requires the CONSENT, Google News, and the script worked as well as with YouTube (Google cookies no longer blocked of course). Consent apart I quit Google News as fast as I had started it : no direct link to the news articles, all goes through Google redirecting servers : NEVER that here, lol.
Thanks again. Without the script the method you evoke is keen, indeed.
I forgot to mention that when I do open YouTube I have two dedicated POWER extensions :
Unhook YouTube [https://addons.mozilla.org/en-US/firefox/addon/youtube-recommended-videos/]
YouTube Popup Tamer [https://addons.mozilla.org/en-US/firefox/addon/youtube-popup-tamer/]
Both help a lot. But as you mentioned it alternatives exist, Invidious indeed as well as Piped, the latter IMO far more efficient, beautifully crafted, my main alternative.
Tomorrow is voting day here in France so I’ll have to get shaved, showered for the second round, lol (spending far too much time in front of the screen and in back of my obligations). Read you later, as always :=)
https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/
Are you using this yet? It’s a trusty companion since years. Each tab or tab group its own session. Close a group, everything in it is cleaned. No restarts needed.
@Frankel, I don’t use Firefox’s Container Tabs feature and if it weren’t for extensions which require it (such as ‘Cookie Quick Manager’ which doesn’t display as well without it) I’d disable it completely:
// disable Container Tabs
// pref(“privacy.userContext.enabled”, false); // Do not disable if running Cookie Quick Manager
So I can’t share any opinion regarding the ‘Temporary Containers’ extension…
I’m not advising, not implicitly stating I’m right, I just never got used to this Container tabs feature…. but that’s another debate :=)
You will not reach higher levels of isolation whilst avoiding any breakage at the same time, but touché.
I think, This change in specifications will only be limited to EU countries where the CNIL (Commission nationale de l’informatique et des libertés: National Commission on Informatics and Liberty) has discretion.
In January 2022, Google was ordered to pay a €150 million fine by the CNIL, which oversees personal data protection, after it was ruled that its “banner that allows users to choose whether to accept or reject cookies that track them” was illegal. In response, Google announced that it will implement a new cookie banner under the direction of the CNIL and roll it out for the European region.
New cookie choices in Europe
https://blog.google/around-the-globe/google-europe/new-cookie-choices-in-europe/
The new banner is being launched in France at the beginning of April 2022, with plans to expand to the European Economic Area (EEA), the United Kingdom, and Switzerland.
Respect to French people and regulators to not take Google’s BS anymore.
> how do you handle cookie and data collections on the Internet?
I block all cookies except for trusted sites.
Even on sites I trust, I delete cookies immediately.
For this purpose, I use the browser extensions “uBlock Origin, CookieBlock, Cookie Quick Manager, and Cookie AutoDelete”. In addition, “ClearURLs” and “LocalCDN” as redirection measures.
As for data collection, I feel that WPD, W10Privacy, simplewall, VoodooShield, and shellbag_analyzer_cleaner are effective countermeasures.
When using Apple products, I select the “Block all cookies” and “No history” settings.
@owl
> CookieBlock, Cookie Quick Manager, and Cookie AutoDelete
Aren’t these more or less duplicates (correct me if I’m wrong)? At least Cookie AutoDelete and Cookie Quick Manager seem to be duplicates, I mean.
@Iron Heart,
“Cookie Quick Manager” is useful because it allows me to check the details of cookies. I used to use uMatrix in the past, but when I realized how useful Cookie Quick Manager was, I stopped using uMatrix and moved to uBlock Origin. I use it in conjunction with Cookie Quick Manager, interpreting it as “the option of deleting with Cookie AutoDelete complements Cookie Quick Manager”. It may be an inertial decision.
GitHub – ysard/cookie-quick-manager:
An addon to manage (view, search, create, edit, remove, backup, restore) cookies on Firefox.
https://github.com/ysard/cookie-quick-manager
GitHub – Cookie-AutoDelete/Cookie-AutoDelete:
Firefox and Chrome WebExtension that deletes cookies and other browsing site data as soon as the tab closes, domain changes, browser restarts, or a combination of those events.
https://github.com/Cookie-AutoDelete/Cookie-AutoDelete#readme
Advice is welcome.
>”I block all cookies except for trusted sites.
Even on sites I trust, I delete cookies immediately.”
Same here. I also clear all data each time I close the browser. If I find something I want to keep track of, I simply bookmark it.
Also I don’t visit Google sites or allow Google js on any sites.