Cookie Consent

Last updated:

Practical patterns for fair, accessible consent that actually gates non-essential scripts.

01 — Foundation

Cookie banners are legal and trust infrastructure — not a dark pattern delivery mechanism.

Cookie consent interfaces decide when analytics, advertising, and third-party embeds may run. They must be understandable, fair, and accessible — and they must actually gate scripts until choice is made.

02 — Choices

Reject must be as easy as accept — not hidden behind three screens of guilt.

  • accept all, reject non-essential, and customise — with comparable prominence
  • plain language — what categories exist and what each enables
  • link to privacy policy; do not bury the only explanation in legal PDF tone
  • remember choice; do not re-prompt on every navigation without reason

03 — Technical

A banner that does not block tracking is decoration.

  • load non-essential tags only after consent — see Third-Party Embeds
  • default to minimal cookies until opt-in where law requires
  • document which embeds map to which category for audits

04 — Accessibility

Consent dialogs are dialogs — treat focus and keyboard seriously.

  • keyboard access for all choices; visible focus
  • do not trap users in an endless consent loop on first visit
  • allow reopening preferences from footer — “Cookie settings”

05 — Review

A short checklist for cookie consent in code review.

  • reject and accept are fairly available; copy is understandable
  • non-essential scripts are blocked until consent
  • UI is accessible; preferences can be changed later