Cookie fatigue is real. The EU introduced a law some years ago which requires people to consent to cookies as they browse websites. The result is a continual stream of annoying notifications and popups asking people to accept cookies which virtually no one reads or understands. It has no value and serves no purpose. That said, I think sharing personal information provided by consumers is different from general cookies: If Home Depot was planning to share email addresses people enter for receipts then they should have made this very clear at the time people agreed to provide their addresses.

I see an even murkier path forward with consent and companies’ use of personal information for marketing purposes, primarily due to more stringent privacy laws that are being enacted. It’s kind of like the perfect storm. Consumers want preferred treatment, but don’t want their personal data shared irresponsibly with other, unknown parties. And companies seek more customer 360 understanding, but fear legal backlash if they get creative with consumer data. Threading the needle is a real balancing act.

And here I thought the offering of a choice between an email and hard copy receipt was for my convenience–you know, the customer. How naive of me. Of course they wanted to sell my data. Of course. Who wants to go through the consent nonsense while in a checkout line? But it’s available upon request or online? Seriously? Sigh–back to Lowe’s.

Consumers won’t forfeit access, discounts, offers or other benefits as long as they don’t feel invaded or abused. Until data is breached and their personal and financial information is hacked and becomes detrimental to them, they won’t take any action. Clicking on opt-ins and consent forms is like blinking, especially for younger consumers who grew up fully transparent. The truth is, businesses like more data, so it is not in their interests to help limit access to it. Consumers need to push back when they are ready.

Twenty-five hundred to 4,500 words of legalese? I am surprised that as many as nine percent of the people read them at all. ZERO percent would not have surprised me.

OPC Commissioner Dufresne said. “Consent fatigue is not a valid reason for failing to obtain meaningful consent.” Do you think Mr. Dufresne understands that the process is specifically designed to produce consent fatigue? To me, the objective of the process is to make it so convoluted that the customer simply clicks “OK.” Am I being too cynical?

When have we ever been asked, most simply, “Would you like us to share your data?”

The vast majority of consumers ceased reading software license agreements many years ago. The desire to use a particular platform overwhelms any hesitance about what that agreement might contain deep within the document. The same is happening today with cookies. I believe most consumers click on the dialog box about cookie acceptance as if it is an interstitial page offering a 10 percent discount in exchange for an email address. I would say that easing the process is the answer but there should be a movement to clarify the substance of what we are asked to agree to and we should require everyone to use a similar format.

It’s simple. If you ask for a customer’s data (name, email, address, phone, etc.), tell them in a simple sentence or two what you plan to do with it. Give the customer the option of agreeing (or not) to the use. Done the right way, the customer will appreciate and trust you (more).

The consent fatigue is alive and well and growing exponentially. Consent forms should be transparent and easy for consumers to understand which will complicate a retailer’s effort to drive personalization. Handing over your personal data to a retailer is one thing, but agreeing that that retailer can share the data with advertisers, Meta, and other ancillary businesses is taking advantage if consumers are not fully aware of this practice. The consumer is also becoming more protective of their data, especially with the likes of generative AI threatening to implode cybersecurity efforts which have been widely reported. As retailers build their Retail Media Networks (RMN), and continue to offer customer data to their advertisers, it is only a matter of time before the consumer gets savvy to this data sharing as well. The class action lawsuit on biometrics usage with Amazon and New York City will be a landmark case in collecting this type of data. Overall, there will be a new wave of consumer privacy concerns based on the increasing collection, use, and sharing of… Read more »

This is a tough one. No one reads all of that legal “stuff” when they initially sign in or log in to–anything. One just agrees in order to get on with it. If you don’t agree, then you do not get to buy, or visit, or stream, or whatever. What would really help would be to “kill” the legal language that is always in place and write something short in “plain English.” And give people options for a decision: “yes you can use my data” or “no you cannot use my data.” If only the world were this simple!

It’s not just the cloud of how consent is “clicked through,” it’s the fact that consent can be coerced by the manufacturer if you want to use some of the advertised features of their products. Try using a smart TV with, say, Alexa if you don’t agree to the privacy policy. Opt out and you can’t use that feature (or others) at all. And if you do faithfully read all the privacy implications and decide to go ahead, a month later a new revised privacy policy arrives for you to decipher and agree to. It’s very one-sided and complex.