Company urges industry to adopt "one-and-done" solution

Cyprus-based internet browser Aloha, which operates on a privacy-first approach, this week sent an open letter to the World Wide Web Consortium, rallying industry leaders to eliminate “annoying cookie banners” while protecting user privacy.

According to the announcement, the “goal of the initiative is to create a new industry standard that gives users more control over their data and simplifies cookie consent management”.

Moreover, the company proposed a “one-and-done” solution to address the shortcomings of the GDPR cookie consent process.

This involves moving cookie consent management from individual websites to the browser level.

In addition, the company pointed out that the specification for Aloha’s solution, alongside an example of its implementation, are open-sourced in Aloha’s public GitHub repository.

Furthermore, Aloha highlighted data from Advance Metrics Analysis, which showed that approximately 70 per cent of consumers either close or disregard the cookie banner entirely, resulting in data collection vulnerability.

The company explained that this happens because the banners often disrupt the user’s browsing experience.

“Despite efforts from regulators, the company continued, “the option to “Reject All” cookies is often hidden or requires significant effort to find and select”.

According to Aloha’s own estimate, the average internet user wastes 32 hours per year clicking away cookie pop-ups.

The company said that this equates to 760 lifetimes per day when multiplied by the number of total internet users.

“In response”, Aloha mentioned, “many users resort to ad-blockers, which remove these prompts entirely but may still leave them vulnerable to unwanted data collection”.

Cookie pop-ups are more time-consuming than users realise

“We’re committed to protecting human privacy and saw an opportunity to make a huge impact by simply shifting cookie consent management to the browser level,” said Andrew Frost Moroz, Founder of Aloha Browser.

He further stated that “this simple shift gives users a consistent, easy-to-use interface to manage their privacy preferences across all websites”.

“We also open-sourced our technical specification so that industry players can collaborate in building a more private, user-friendly internet for everyone,” he added.

Aloha stated that its approach improves the effectiveness of current consent management practices while maintaining compliance with GDPR and other privacy regulations.

“The current implementation of GDPR cookie consent management has created an ironic situation where attempts to protect privacy are, in fact, leading to more data collection, rather than less,” Moroz explained.

“We cannot accept a situation where, instead of making conscious decisions about what data can be collected by a website, consumers, being overwhelmed by the frequency and complexity of cookie requests, choose the easiest and quickest path—either they ignore cookie banners or accept all cookies,” he added.

The Limassol-based company said that its cookie consent management solution “addresses this issue and provides a more user-centric and effective method for privacy management”.

“It is designed to eliminate the constant barrage of cookie pop-ups by allowing users to set their cookie preferences just once, at the browser level,” the company stated.

“These preferences,” it continued, “are then automatically applied to every website visited, eliminating the need for per-site cookie pop-ups”.

“This unique approach reduces interruptions and ensures that user privacy decisions are meaningful and informed,” Aloha mentioned.

According to the announcement, this new feature will be rolled out through the Aloha Browser in the coming weeks.

The company said that it offers global consent options, allowing users to “Allow all” cookies, “Reject all” cookies, create custom settings for different cookie categories, or customise cookie preferences for specific websites.

“The browser securely stores these consent preferences and implements a standardised API for websites to query the user’s consent status,” the announcement concluded.