Back to blog

We’re Releasing “The State of GDPR Consent” Report


Written by ,

Published February 11, 2019 · Updated August 7, 2019

We’re Releasing “The State of GDPR Consent” Report

GDPR has been in force since last May, but what has really changed? This report tries to answer that question by examining how organizations in the EU and North America are collecting and using data consents for EU internet users.

There are many indications that tech and advertising giants have a stake in keeping the status quo and won’t change without more of a fight. Google’s appeal against the €50 million fine imposed on them by the French CNIL seems to be proof of that.

But how are other websites reacting so far? If consent mechanisms are in place, do they work according to the GDPR philosophy? Or maybe they adapted to some of the requirements, omitting the rest?

We decided to investigate this matter in our latest report.

About the methodology

Consent is not the only base for data processing. However, it’s the simplest one to evaluate in practice. Most website owners want to use personal data in the form of persistent tracking cookies. Under the GDPR, in order to do that, they should ask for consent.

To see how companies meet their new obligations, we checked 200 websites – 25 from each of the following countries:

  • France
  • United Kingdom
  • Belgium
  • Germany
  • Spain
  • Poland
  • United States
  • Canada

For each country, we selected 5 large and visible organizations from the following sectors:

  • banking
  • insurance
  • e-commerce
  • media
  • government

And then scored the websites based on two main criteria:

  • consent mechanism quality
  • clarity and availability of information

The higher the score, the closer to the GDPR ideal. We invite you to learn all about the results, divided according to industries and countries.

The research, however, didn’t aim to evaluate who is and isn’t GDPR-compliant – we’ll leave that assessment to the relevant authorities.

What’s to come? We asked the experts

Statistics are not all that our report has to offer. You’ll also find there quotes from 4 specialist contributors giving their insight into the current (and future!) state of affairs. The list of experts includes:

  • Aurélie Pols, Privacy Engineer & founder of Competing on Privacy
  • Dr Johnny Ryan, FRHistS, Brave
  • David Clarke, Founder of GDPR Technology Group and Cyber Security advisor
  • Maciej Zawadziński, CEO of Clearcode and Piwik PRO

We asked them what they thought were the biggest events of 2018 and what to expect in 2019. Sound interesting? Check out the full report to see the results, the biggest trends we saw and what our panel of experts think we’ll see in 2019.



Karolina Lubowicka

Content Marketer

Content Marketer and Social Media Specialist at Piwik PRO. An experienced copywriter who takes complex topics of data privacy & GDPR and makes them understandable for all. LinkedIn Profile

See more posts by this author


David Street

Writer, marketer and data+stats specialist with a left and a right brain | LinkedIn profile

See more posts by this author

Core – a new plan for Piwik PRO Analytics Suite

Privacy-compliant analytics, built-in consent management and EU hosting. For free.

Sign up for free

New Call-to-action
Upcoming live webinar

June 17, 2021

Make smart decisions about your marketing budget – identify the best performing channels with Piwik PRO Analytics Suite

The road to a conversion can be long and wandering – especially if there are multiple touchpoints along the way. Social media, paid ads, referrals – how do you know which channel contributed the most to a conversion? Our expert will try to answer this and any other questions you might have in this webinar. Learn how to identify the best performing marketing channels, dive deeper into attribution models and stay for the Q&A at the end.

Sign up for this webinar