Cookiebot consent popup justifiably blocked by Enhanced Tracking Protection settings?
If you open this website: https://www.zonnebloem.nl/ with the option Enhanced Tracking Protection the cookiebot popup banner is not shown as the third party tracking cookie from domain https://consent.cookiebot.com is protected and NOT loaded.
Does this mean Mozilla Firefox sees the https://consent.cookiebot.com cookie as a third party tracking cookie that needs to be blocked as nobody gave consent to load the cookiebot consent popup?
Question 1: Is according to Mozilla Firefox https://consent.cookiebot.com a third party tracking cookie that needs to be blocked if you as a user want to have guarantees over your privacy online?
Question 2: Is it not strange to see Firefox blocking a widely used cookie consent system to protect users by giving consent to select which cookies will be set yes/no?
Wót Jordan van Bergen
Wšykne wótegrona (3)
Hi Jordan, two thoughts:
(1) Mozilla uses lists of tracking sites developed by Disconnect. Sometimes there may need to be an exception to balance other user needs. If this is a common cookie permission service, someone probably has filed or will file a bug report at https://bugzilla.mozilla.org/.
There probably is a way to allow scripts from *.cookiebot.com as a workaround (I haven't tested it yet, but it would be along the lines of the one used for the Disqus commenting service).
(2) Meanwhile, Mozilla is working on a new feature: Block cookie banners on Firefox. Testing launched in Germany, so if you are in Germany, this might also be a factor. Or maybe it has expanded to the entire GDPR region.
jscher2000 - Support Volunteer said
Hi Jordan, two thoughts: (1) Mozilla uses lists of tracking sites developed by Disconnect. Sometimes there may need to be an exception to balance other user needs. If this is a common cookie permission service, someone probably has filed or will file a bug report at https://bugzilla.mozilla.org/. There probably is a way to allow scripts from *.cookiebot.com as a workaround (I haven't tested it yet, but it would be along the lines of the one used for the Disqus commenting service). (2) Meanwhile, Mozilla is working on a new feature: Block cookie banners on Firefox. Testing launched in Germany, so if you are in Germany, this might also be a factor. Or maybe it has expanded to the entire GDPR region.
Thanks for the reply. I summarize below how it works.
1. Mozilla uses lists of tracking sites developed by Disconnect, this is the link: https://disconnect.me/trackerprotection and on this thread it's explained that consent.cookiebot.com is a third party tracking cookie itself and as well: https://githubissues.com/disconnectme/disconnect-tracking-protection/353
On this https://bugzilla.mozilla.org/show_bug.cgi?id=1899092 bug report it's explained as followed: A CMP may enable user choice, but that doesn't technically prevent the CMP from doing tracking themselves.
Are you able to confirm this is why cookiebot consent is seen as a third party tracking solution as well and therefore blocked by the Enhanced Tracking Protection in Mozilla Firefox?
I agree with your research. The only thing I would point out is that Firefox is blocking the script(s) from Cookiebot, which is why the consent overlay is not displayed. If only the cookie were being blocked, you would get the consent overlay on every page since the site would not have a record of your decision and would need to ask again.
It's not clear how this will get resolved.