CookieAudit — Cookie Consent Scanner
Scans 16 seeded sites for cookies set, classifies each into essential / functional / analytics / marketing, identifies tracker vendors, and flags pre-consent violations under GDPR + ePrivacy. The audit shape behind a cookie banner.
What it is
The shape behind a cookie-banner generator. For each scanned site: every cookie set, classified into the four CNIL/EDPB categories, with vendor identification and a verdict on whether the site complies with prior-consent requirements.
What it surfaces
- 16 seeded sites — news, B2B SaaS, e-commerce, government portal, streaming, forum, telehealth, university, travel, docs, finance, blog, support, analytics dashboard, community app. Mix of EU, UK, US, and Canada properties.
- Per-site cookie inventory — name, vendor, category, expiry, Secure flag, HttpOnly flag, SameSite mode, domain scope.
- Category classification with regulatory references:
  - Essential (no consent — ePrivacy Art 5(3) exception): session, CSRF, cart.
  - Functional: language, theme, recently-viewed. Consent required.
  - Analytics: GA, Mixpanel, Amplitude, Hotjar, Segment. Consent required.
  - Marketing: Meta Pixel, TikTok Pixel, Microsoft UET, DoubleClick, Pinterest, HubSpot tracker. Consent required + explicit opt-in.
- Pre-consent violation detection — flags sites in EU/UK that set non-essential cookies on first load before the consent banner has been accepted (the CJEU Planet49 violation).
- Per-site findings — no banner present, pre-consent setting, SameSite=None without Secure, auth cookies without HttpOnly, long-lived cookies (>365 days).
- Filter by status, free-text search across vendors.
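The classification and findings logic listed above, written out as an added example in vanilla JavaScript. This is not CookieAudit's own code: the pattern map is a constructed subset of well-known tracker cookie names, the `auth` flag on session cookies, the `unclassified` fallback, the site record shape (`jurisdiction`, `bannerPresent`, `consentAccepted`, per-cookie `expiryDays`/`secure`/`httpOnly`/`sameSite`) and the sample EU news site are all assumptions made for illustration.

```javascript
// The four categories used in the per-site inventory.
const CATEGORY = { ESSENTIAL: 'essential', FUNCTIONAL: 'functional', ANALYTICS: 'analytics', MARKETING: 'marketing' };

// Constructed tracker pattern map: cookie-name regex -> category and vendor.
// `auth` marks cookies that carry a session/authentication token.
const PATTERNS = [
  { re: /^(PHPSESSID|JSESSIONID|connect\.sid|sessionid)$/i, cat: CATEGORY.ESSENTIAL, vendor: 'first-party', auth: true },
  { re: /^(csrftoken|XSRF-TOKEN)$/i, cat: CATEGORY.ESSENTIAL, vendor: 'first-party' },
  { re: /^cart(_id)?$/i, cat: CATEGORY.ESSENTIAL, vendor: 'first-party' },
  { re: /^(lang|locale|theme|recently_viewed)$/i, cat: CATEGORY.FUNCTIONAL, vendor: 'first-party' },
  { re: /^_ga(_|$)|^_gid$/, cat: CATEGORY.ANALYTICS, vendor: 'Google Analytics' },
  { re: /^mp_/, cat: CATEGORY.ANALYTICS, vendor: 'Mixpanel' },
  { re: /^_hj/, cat: CATEGORY.ANALYTICS, vendor: 'Hotjar' },
  { re: /^_fb[pc]$/, cat: CATEGORY.MARKETING, vendor: 'Meta Pixel' },
  { re: /^_ttp$/, cat: CATEGORY.MARKETING, vendor: 'TikTok Pixel' },
  { re: /^_uet(sid|vid)$/, cat: CATEGORY.MARKETING, vendor: 'Microsoft UET' },
  { re: /^IDE$/, cat: CATEGORY.MARKETING, vendor: 'DoubleClick' },
  { re: /^hubspotutk$/, cat: CATEGORY.MARKETING, vendor: 'HubSpot' },
];

// Map one cookie to its category and vendor. Unknown cookies are never
// assumed essential; they are reported as unclassified and treated as
// consent-required so they cannot silently pass a first-load check.
function classify(cookie) {
  const hit = PATTERNS.find(p => p.re.test(cookie.name));
  if (hit) return { category: hit.cat, vendor: hit.vendor, auth: !!hit.auth };
  return { category: 'unclassified', vendor: 'unknown', auth: false };
}

// Jurisdictions where non-essential cookies need consent before being set.
const PRIOR_CONSENT_JURISDICTIONS = new Set(['EU', 'UK']);
const LONG_LIVED_DAYS = 365;
const VIOLATION_TYPES = new Set(['no-banner', 'pre-consent-setting']);

// Audit one site's first-load cookie inventory: classify every cookie,
// check prior-consent rules, then apply the per-cookie hygiene checks.
function auditSite(site) {
  const findings = [];
  const cookies = site.cookies.map(c => ({ ...c, ...classify(c) }));
  const nonEssential = cookies.filter(c => c.category !== CATEGORY.ESSENTIAL);

  if (PRIOR_CONSENT_JURISDICTIONS.has(site.jurisdiction) && nonEssential.length > 0) {
    const names = nonEssential.map(c => c.name);
    if (!site.bannerPresent) findings.push({ type: 'no-banner', cookies: names });
    else if (!site.consentAccepted) findings.push({ type: 'pre-consent-setting', cookies: names });
  }
  for (const c of cookies) {
    if (c.sameSite === 'None' && !c.secure) findings.push({ type: 'samesite-none-without-secure', cookie: c.name });
    if (c.auth && !c.httpOnly) findings.push({ type: 'auth-cookie-without-httponly', cookie: c.name });
    if (c.expiryDays > LONG_LIVED_DAYS) findings.push({ type: 'long-lived', cookie: c.name, expiryDays: c.expiryDays });
  }
  const status = findings.some(f => VIOLATION_TYPES.has(f.type)) ? 'violation'
    : findings.length > 0 ? 'warning' : 'compliant';
  return { site: site.name, status, cookies, findings };
}

// Constructed first-load capture of a hypothetical EU news site: banner shown,
// not yet accepted, yet analytics and marketing cookies are already set.
const SAMPLE_SITE = {
  name: 'example-news.eu', jurisdiction: 'EU', bannerPresent: true, consentAccepted: false,
  cookies: [
    { name: 'PHPSESSID', domain: 'example-news.eu', expiryDays: 0, secure: true, httpOnly: false, sameSite: 'Lax' },
    { name: 'lang', domain: 'example-news.eu', expiryDays: 180, secure: true, httpOnly: false, sameSite: 'Lax' },
    { name: '_ga', domain: '.example-news.eu', expiryDays: 730, secure: false, httpOnly: false, sameSite: 'Lax' },
    { name: '_fbp', domain: '.example-news.eu', expiryDays: 90, secure: false, httpOnly: false, sameSite: 'None' },
  ],
};

console.log(JSON.stringify(auditSite(SAMPLE_SITE), null, 2));
```

Run with `node`; the sample site comes back as a `violation` with one pre-consent finding naming `lang`, `_ga` and `_fbp`, plus three hygiene findings (session cookie without HttpOnly, `_ga` kept for 730 days, `_fbp` sent with SameSite=None but no Secure). Re-running the same inventory with `consentAccepted: true`, or with a US jurisdiction, drops the consent violation and leaves only the hygiene warnings, which is the distinction the status filter relies on.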
Why this shape
Cookie compliance is one of the most aggressively enforced GDPR areas — the CNIL fined Google €150M and Meta €60M in 2022 for exactly the pattern this tool detects. The audit shape is universal: scan first load, classify cookies, verdict per site.
How it ships
Single HTML file, ~32KB. Zero dependencies. The category catalog, tracker pattern map, status logic, and per-site findings are 320 lines of vanilla JavaScript.