Privacy
Cookie consent baseline
If you set non-essential cookies before the user explicitly opts in, you're failing the standard most regulators now enforce.
What it is
The ePrivacy Directive (the 'cookie law') predates GDPR but still governs cookie behaviour in the EU. The combined GDPR+ePrivacy regime is what regulators actually enforce: prior consent, granular categories, easy refusal. The proposed ePrivacy Regulation that would have replaced it was withdrawn by the European Commission in 2025, so the 2002 Directive remains the operative law.
Why it matters
European DPAs have ramped up enforcement against dark-pattern banners and silent tracking. Even outside the EU, a clean consent layer is becoming the baseline trust expectation.
Who it applies to
Any site with EU traffic, plus increasingly any site claiming to respect user privacy.
How WQI scores it
Web Quality Index considers this standard satisfied when all of the 2 supporting factors pass.
| # | Factor | Status |
|---|---|---|
| 46 | Cookie banner presence + CMP detection | planned |
| 51 | Cookie scan — actual cookies set on first load | planned |
0 of 2 supporting factors are currently collected. Sites where the remaining 2 haven't been measured will show as partial or unknown on this standard until the data lands.
Related standards
- See also
- GDPR , CCPA , ePrivacy Reg.
Standards that share factors with this one
Auto-computed from overlapping factor tickets in satisfiedBy, excluding standards already listed under "See also" above. Strong overlap suggests these standards rise and fall together when sites are scored.