Helping publishers with cookie consent

Why is this important?

European laws require that digital publishers give visitors to their sites and apps information about their use of cookies and other forms of local storage. In many cases these laws also require that consent be obtained.

This site is produced by Google. We work with lots of publisher partners and, based on that experience, we wanted to provide any publishers with easy-to-implement tools that can help them meet their legal obligations to get user consent.

The tools on this site include code that publishers can use to inform their users about cookies and obtain proper consent on websites and apps. You can implement a splash screen, a notification bar or, for mobile apps, one-time pop-up alert. And you can customize the language presented to your visitors.

These tools are not designed to achieve compliance on their own, and should only be used as part of a wider compliance package.

Tools for Web Sites

CookieChoices.org provides code examples that can be used to create tools for publishers looking to comply with European laws.

We offer two basic tools for websites. The first tool will create a splash screen, which you may wish to use for your landing page. The second tool can be used to overlay a notification bar on your landing page. If you decide that a splash screen or a notification bar are the right approach for your site, you are welcome to use the tools provided here.

With each tool, you can customise a notice or statement directed to your visitors and invite your visitors to close the message (using wording of your choice such as "close", "accept" or "I agree"). Users also have the option of clicking a link to another page, such as a page that explains how your site uses cookies (again, you choose the wording for this link text). If users close the message, a cookie will be set to your domain. It is called 'displayCookieConsent' and has the value 'y'.

By default, the cookie that is set on closing the message has a lifespan of 12 months, but you can change that. While a browser has that cookie, the message will not show again. To change it, alter the _saveUserPreference JS function in the cookiechoices.js file below.

There are many ways to obtain consent to use cookies and what is right for one site may not be appropriate for another. So you should seek legal advice on your options.

Note that the tools offered here are designed to function on the maximum number of sites. They do not distinguish EU visitors from non-EU visitors, so all your visitors will see these notices unless you add your own geographic restrictions. Nor do they support switching off cookies, which can be done by end users through their browser settings. Be sure to carefully test the implementation on your own site. For example, if you are already setting a cookie called 'displayCookieConsent', the code on this page will not work properly.

Publishers using Google's DoubleClick for Publishers (DFP) Premium ad management solution can disable cookies on a per request basis. That feature can be used in conjunction with a publisher's own cookie compliance implementation. Other ad management solutions may have similar features.

Splash screen

If you want a solution with a mandatory screen presentation for users, the splash screen may be the right choice for you. The splash screen code can be adapted to suit your site and will present every visitor with customized text of your choosing.

The code will set a cookie to your domain for users that see the splash screen and click to close it (using wording of your choice such as "close", "accept" or "I agree"). The default cookie lifespan in the example code is 12 months, but this can be changed to any desired length (see the instructions above).

In order to implement this JavaScript solution you will need to copy and paste this code into the <body> of your page. You will also need to download the cookiechoices.js file and upload that file to your server directory.

Download cookiechoices.zip

<!-- You should make sure that the file cookiechoices.js is available
and accessible from the root directory of your site. -->

<script src="/cookiechoices.js"></script>
<script>
document.addEventListener('DOMContentLoaded', function(event) { cookieChoices.showCookieConsentDialog('Your message for visitors here.', 'close message', 'learn more', 'http://example.com'); }); </script>

Notification bar

This code can be used to overlay a notification bar on any page to which the code is added. You choose the text that is presented to the user. The user dismisses the notification bar by clicking one of its links.

The code will set a cookie to your domain for users that see the notification bar and click to close it (using wording of your choice such as "close", "accept" or "I agree"). Our code sets that cookie’s lifespan at 12 months, but you can change that period as you see fit (see the instructions above).

You will need to make design decisions about the page(s) on your site on which you want the notification bar to appear. You will also need to decide the appropriate text for your site.

In order to implement this JavaScript solution you will need to copy and paste this code into the <body> of your page. You will also need to download the cookiechoices.js file and upload that file to your server directory.

Download cookiechoices.zip

<!-- You should make sure that the file cookiechoices.js is available
and accessible from the root directory of your site. -->

<script src="/cookiechoices.js"></script>
<script>
document.addEventListener('DOMContentLoaded', function(event) { cookieChoices.showCookieConsentBar('Your message for visitors here', 'close message', 'learn more', 'http://example.com'); }); </script>

Tools for Mobile Apps

One-time popup alert

If you publish mobile apps that are impacted by the consent duty, this code can be used to show a one-time popup alert to users.

// This code will work in iOS 2 and up
// (spoiler: you're not going to need anything below iOS 6).
// Tested in iOS 7
// In your app's UIApplicationDelegate:

- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions { (...) NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
if (![defaults boolForKey:@"termsAccepted"]) {
NSString *message = @"Your message for visitors here"; UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Cookies" message:message delegate:self cancelButtonTitle:nil otherButtonTitles:@"Close message", nil]; [alert show]; } }

// Elsewhere in the file: - (void)alertView:(UIAlertView *)alertView
clickedButtonAtIndex:(NSInteger)buttonIndex {
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; [defaults setBool:YES forKey:@"termsAccepted"]; [defaults synchronize]; }
// This code works on Android API level 1 (Android 1.0) and up.
// Tested on the latest (at the moment) API level 19 (Android 4.4 KitKat).
// In the main activity of your app:

public class MainActivity extends Activity {

(...)

@Override public void onStart() { super.onStart(); final SharedPreferences settings =
getSharedPreferences("localPreferences", MODE_PRIVATE);
if (settings.getBoolean("isFirstRun", true)) { new AlertDialog.Builder(this)
.setTitle("Cookies")
.setMessage("Your message for visitors here")
.setNeutralButton("Close message", new OnClickListener() { @Override
public void onClick(DialogInterface dialog, int which) {
settings.edit().putBoolean("isFirstRun", false).commit();
} }).show(); } } }

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 3.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies.

Other Resources

If you want to find out more about Europe's laws on cookies, the following resources are good places to start:

The Article 29 Working Party (the umbrella body for EU data protection regulators), has also published guidance