I've been diving into how consent banners behave at the browser level, particularly regarding network requests and storage manipulation. What caught my attention is that on many major websites, when you click 'Reject,' it often appears to operate similarly to 'Accept'—the same third-party vendors are contacted, the same endpoints are used, and the same storage changes are made. I'm not discussing legal ramifications here, just the observable actions happening behind the scenes. Does this behavior indicate a lack of proper functionality, or is it commonly viewed as acceptable practice among teams? And do developers typically verify that rejecting consent effectively prevents any ad tracking or analytics?
2 Answers
Consent banners should ideally block the loading of analytics and ad scripts until consent is given. When you hit 'Reject,' those scripts shouldn’t load at all. But honestly, there are some parties that still find ways to bypass those intentions, classifying their tracking as 'necessary' to keep things running.
Not surprising at all! Many consent banners seem like a way to make it look like they comply with regulations while still doing what they want. It's practically a legal shield more than anything, and yeah, I’ve seen 'Reject' behave almost the same as 'Accept' on plenty of sites—with the same tracking still firing off.

Definitely! It feels like a lot of sites just treat those buttons as decoration. I’ve checked and found that around 95% of the behavior was identical when hitting 'Reject' vs. 'Accept'—same cookies and network calls. It's like they’re just checking the box without real compliance.