Now that we've had the GDPR for a while, studies are starting to emerge around digital consent mechanisms used across the web.
This study takes a look at how consent is handled across 5 of the largest tech businesses, Amazon, Apple, Facebook, Google and Microsoft, taking a particular look at how they deploy assymetric and covert means to lull people into falsely consenting to intrusive tracking.
I know that in my own work I have often had frustrating conversations with other digital marketers who frequently like to take their lead from what these companies are doing. From this study and observed behaviour in general, it's clear that that is not a good enough approach when wishing to comply with the GDPR.
Considering the empirical results, little evidence has surfaced that suggest the GAFAM web pages were designed with a human-centric perspective to empower users to give their informed consent. On the contrary, the nature of the techniques employed suggest that empowering users is not the main focus of these consent mechanisms. Patterns of coercion that nudge the user towards consenting, strategies of information hiding, covert and confusing interface behavior have been shown to exploit human cognitive weaknesses more than supporting the complex process of consenting to a multitude of data collection and utilization.
It remains to be seen whether the regulatory bodies who are supposed to be enforcing the GDPR will be able to do anything about these flagrant abuses of the law.