Cookies, Consent, and Clicks – Will the EU New ‘Reject All’ Rules Work?

The European Union is poised to rewrite its cookie‑consent landscape with the Digital Omnibus, a legislative package that fuses the GDPR and the e‑Privacy Directive. By requiring a single‑click “reject all” button, regulators hope to eliminate the repetitive consent fatigue that costs users an estimated 198 million hours each year. This move also promises to simplify compliance for publishers, who currently juggle multiple consent‑management platforms and face mounting legal scrutiny.

However, the effectiveness of a one‑click reject option hinges on the design of the underlying banners. Industry‑crafted consent dialogs have long employed dark‑pattern tactics—highlighting accept buttons, burying reject choices behind extra layers, and exploiting the “legitimate interest” clause to sidestep explicit consent. Critics warn that without strict enforcement, the new rules could simply rebrand these manipulative interfaces, leaving users with an illusion of control while still feeding the data‑driven advertising economy.

For marketers and ad‑tech firms, the proposal signals a potential shift in how third‑party data is harvested across Europe. A genuine reject‑all function could shrink the pool of available tracking cookies, prompting a pivot toward first‑party data strategies or alternative identifiers. At the same time, businesses may benefit from reduced compliance overhead if the unified framework eliminates the need for separate GDPR and e‑Privacy solutions. The final shape of the Digital Omnibus will therefore influence both consumer privacy standards and the economic dynamics of the European digital advertising market.