To celebrate 10 years of Creator Weekly, I’m sharing tech highlights from 2015 that still resonate 10 years later. This update was for the week ending August 8, 2015.
Ten years ago Google introduced an EU user cookie consent policy that applied
to any website monetized with AdSense ads. The result? Cookie consent popups
across the web.
Compliance with the EU ePrivacy Directive
The EU ePrivacy Directive was enacted in 2002. Regarding cookies, it says, in short:
"Users should have the opportunity to refuse to have a cookie or similar
device stored on their terminal equipment. [...] The methods for giving
information, offering a right to refuse or requesting consent should be
made as user-friendly as possible. Access to specific website content may
still be made conditional on the well-informed acceptance of a cookie or
similar device, if it is used for a legitimate purpose"
“European Union data protection authorities requested some changes to current practices for obtaining end user consents. It has always been Google’s policy to comply with privacy laws, so we’ve agreed to make certain changes affecting our own products and partners using Google products.”
Earlier in 2015 EU data protection regulators had compiled a report showing most sites were not in compliance with the directive. They likely pushed tech companies to better ensure policies would be followed. (Google would be fined $162 million for violations on YouTube and google.fr in 2021, so maybe they didn't take it seriously enough).
The Blogger default EU cookie notice.
What did this new policy mean in practical terms?
It required AdSense publishers with any website visitors from the European Union to ask those visitors’ permission for AdSense to set cookies.
This was notable because so many websites monetize with AdSense ads. Many sites don't limit the consent request to EU site visitors, so it marked a noticeable increase in "accept cookie" popups.
Blogger also started showing a cookieconsent banner to EU blog visitors automatically.
All of this was technically complicated. At least to my understanding, it’s not enough to ask consent, you need to make sure that AdSense or Analytics or whatever does not set a cookie until permission is granted.
There was some help.
Google set up a website, Cookie Choices, which had some technical information and links to third party services you could use to manage this. But their stance was that this is a legal requirement so they can’t tell you exactly how it should be implemented
Google eventually launched their own Consent Management Platforms so that you can set up the consent process right inside your AdSense account.
Does this actually improve privacy? That isn’t clear. And in the meantime you end up needing to click a lot of consent banners while navigating the web.
As for cookies, they have supposedly been on the way out for years now. Many browsers, like Safari and Firefox, can block third party cookies by default.
Google has been working on plans to replace cookies for ad targeting with something with better privacy protection for several years. But earlier this year, Google announced they were stepping back from implementing changes in Chrome, so cookies will be with us at least a while longer.
So that means we’ll continue to have to click to opt out of cookies as we navigate the web
Inside AdSense, 27 July 2025:
Introducing a new user consent policy
Twelve years later Google launched a
new EU user consent policy that required people using Google products with end users in
the European Union to obtain consent to store or access cookies on that
user’s device.
Why did Google finally try to push compliance in 2015?
“European Union data protection authorities requested some changes to current practices for obtaining end user consents. It has always been Google’s policy to comply with privacy laws, so we’ve agreed to make certain changes affecting our own products and partners using Google products.”
Earlier in 2015 EU data protection regulators had compiled a report showing most sites were not in compliance with the directive. They likely pushed tech companies to better ensure policies would be followed. (Google would be fined $162 million for violations on YouTube and google.fr in 2021, so maybe they didn't take it seriously enough).
Do you want a cookie?
The Blogger default EU cookie notice.
It required AdSense publishers with any website visitors from the European Union to ask those visitors’ permission for AdSense to set cookies.
This was notable because so many websites monetize with AdSense ads. Many sites don't limit the consent request to EU site visitors, so it marked a noticeable increase in "accept cookie" popups.
Blogger also started showing a cookieconsent banner to EU blog visitors automatically.
All of this was technically complicated. At least to my understanding, it’s not enough to ask consent, you need to make sure that AdSense or Analytics or whatever does not set a cookie until permission is granted.
There was some help.
Google set up a website, Cookie Choices, which had some technical information and links to third party services you could use to manage this. But their stance was that this is a legal requirement so they can’t tell you exactly how it should be implemented
The view from 2025
Since then there have been more and more data protection and privacy requirements for web owners. There is the GDPR in the EU, regulations in various US States and around the world. The requirements are all a little bit different.
Cookie consent popups that I had to click through yesterday.
Google eventually launched their own Consent Management Platforms so that you can set up the consent process right inside your AdSense account.
Does this actually improve privacy? That isn’t clear. And in the meantime you end up needing to click a lot of consent banners while navigating the web.
As for cookies, they have supposedly been on the way out for years now. Many browsers, like Safari and Firefox, can block third party cookies by default.
Google has been working on plans to replace cookies for ad targeting with something with better privacy protection for several years. But earlier this year, Google announced they were stepping back from implementing changes in Chrome, so cookies will be with us at least a while longer.
So that means we’ll continue to have to click to opt out of cookies as we navigate the web
References
Google's EU user consent policy, current version. (2015 version)
Comments
Post a Comment
Spam and personal attacks are not allowed. Any comment may be removed at my own discretion ~ Peggy