x

Agency News

Careers

We're always looking for the best and brightest to increase our ranks. Think you might be a good fit for The Martin Group? Take a look at our currently open positions.

Contact Us

Learn how we can help your business. Call Sarah Warner at 716-242-7466, send an email, or fill out an online form.

x

Pass the cookies: Understanding consent management solutions

Levi Neuland
October 3, 2025

By now, web visitors are familiar with the term “cookies,” a small text file created by websites you visit to save information about your browsing session and make your online experience easier

But in the past year, we’ve observed an increase in usage of online “cookie banners”—a form of consent management solution which allows website visitors to control their privacy settings—by companies and organizations of all types.

Historically, these solutions were primarily utilized for countries operating in the European Union (EU) to comply with the region’s General Data Protection Regulation (GDPR) requirements, but additional regulations and challenges related to online tracking in the United States have motivated an increase in usage. Now, we’re recommending clients evaluate their current business situation to determine if they may need to implement a consent management solution on their website.

If you’re having these same discussions within your business or organization, what does this mean and where should you start? Throughout our conversations with our clients, here are some of the most important elements to consider, along with helpful direction for your operations.   

How consent management platforms work

Consent management platforms (CMPs) provide a centralized way to manage your website visitor’s consent. A CMP prompts visitors to accept or reject your website’s standard policies, adjust their personal settings, and pursue other data-related requests relevant to your business.

These platforms utilize on-website tools to restrict cookies and tracking scripts from running until there is the appropriate level of consent from your visitors. These on-website tools regularly scan for changes to your website to identify new cookies or tracking code that need to be identified, classified, and blocked by default.

A CMP has the benefit of enforcing regional legal requirements consistently, ensuring your company can stay in compliance as the laws are amended and new ones are introduced. 

Regional vs. U.S. regulations

There are existent legal regulations that make having a consent management solution mandatory.

Many of these regulations are based on your location, with the most relevant including the GDPR, which establishes personal data requirements for those in the EU and the European Economic Area (EEA). In Canada, there’s the Personal Information Protection and Electronic Documents Act (PIPEDA), which relies on 10 individual fair information principles to protect consumers and hold private businesses accountable for personal information under their control.

In the U.S., current regulations provide more control of personal data for consumers, allowing them to opt out of data being sold, data management requirements for corporations, and penalties for non-compliance. Unlike the EU’s GDPR—which is opt-in—most U.S. state laws are opt-out based. This means businesses must provide consumers with clear mechanisms to opt out of data sales or sharing, while explicit consent is usually only required for sensitive data.

These regulations have been in effect via (but not limited to) the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (Amendment to CCPA), Virginia Consumer Data Protection Act (VCDPA), and the Connecticut Personal Data Privacy and Online Monitoring Act (CTDPA). Their success has influenced other states to join with measures over the past year, and they include the Oregon Consumer Privacy Act (effective July 2024), Texas Data Privacy and Security Act (July 2024), Montana Consumer Data Privacy Act (October 2024), Delaware Personal Data Privacy Act (January 2025), and the Tennessee Information Protection Act (July 2025).  

In New York State, 2005’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act requires companies to develop, implement, and maintain reasonable safeguards to protect the security, confidentiality, and integrity of the private information they collect.

CMPs and Google

For most companies considering CMPs and the typical consumer journey know that, many times, these journeys begin on Google.

As part of the search engine’s ongoing efforts to ensure compliance in the EEA or UK and to continue to safely collect data, the company has updated its requirements to include mandatory accommodation of Google Consent Mode v2 CMP by all advertisers in those regions.

While CMP certification is only mandated in Europe, Consent Mode v2—which introduces new consent states for advertising data and personalization, utilizes AI-powered modeling to provide insights even when users decline consent for tracking, and enables continued measurement and reporting while maintaining privacy compliance—is required worldwide for proper ad serving and measurement when users decline personalized tracking. And though support of its CMP is not legally mandated in North America yet, the progression of regional laws around privacy suggest that Google may replicate its UK approach across the U.S. and bordering countries soon.

This means companies and organizations looking to implement a CMP should choose one that supports both Consent Mode v2 and Global Privacy Control (GPC) to assure their compliance is future-proof.

Protecting against litigation

In 2023, there was a significant increase in lawsuits against companies related to cookie tracking. These lawsuits focused on numerous topics, including (but not limited) to non-disclosure that the website was tracking visitors; incorrect disclosure of what data is being tracked; on-website settings related to privacy that did not properly restrict data access; and incorrect configuration or consent options, which is a violation of regional laws.

Since then, newer litigation trends have also targeted session replay tools, chat widgets, and analytics scripts under state “wiretapping” laws (notably in California, Pennsylvania, and Florida). Plaintiffs argue these tools collect user interactions without proper disclosure or consent.

Implementing a consent management solution has helped companies and organizations alleviate or limit these conflicts. Although each cannot stop an individual from pursuing litigation, implementing better standards and practices on your website can help reduce the risk of such actions. 

Making your CMP choice

After understanding all the aforementioned details, how should your business or organization choose a consent management platform?

The best place to start is with Google’s expansive list of approved CMPs. Each has a dedicated partnership with Google (to assure adherence to the search engine’s ad policy), and each can provide such elements as a customizable cookie policy approval banner to match your brand; automatic updates to comply with updated privacy regulations; weekly scans for cookie updates; multi-language support; ability to generate privacy policy, terms and conditions, and cookie policies; and a dependable CMP that will help your operation comply with requirements that protect consumer privacy data.

(Author’s note: The Martin Group uses Termly for our CMP needs.)    Whatever choice you make, be certain its compatible with the needs of your business or organization, and validates your commitment to providing visitors with a safe scroll through your website. This breeds confidence in your brand and, ideally, can lead to return visits from those comfortable in their protection.

Want to learn more about The Martin Group’s digital marketing expertise? Click here.

Levi Neuland

leads the digital strategy for the agency, making sure our clients stay on the cutting edge. You can follow him on Threads @levineuland.

Is your digital marketing falling behind?

Let us help - sign up and receive our free insights once a month.

Thanks! Please check your email to confirm your subscription!