Website Privacy Validation (5/6): Where are new and/or unapproved cookies and technologies showing up on my website?

If you’ve followed along with our privacy validation series, you know that we've discussed auditing privacy policy link presence, “do not sell/share” link coverage, cookie consent banner tag presence, and whether or not the consent management platform (CMP) is respecting user preferences. The next thing you should ask is, “Where are new and/or unapproved cookies and tags showing up on my website?”

Essentially, you want to see changes as they occur over time, detect new technologies if and when they appear on your website, and decide whether to add them to your approved list or take steps to remove them from your site.

Once again, we used ObservePoint to run an Audit of OneTrust.com, our example website for this series. We ran a standard 1000-page discovery audit and created a consent category to denote all  cookies and tags detected as “approved.”

We then waited a month and ran the Audit again, applying that consent category to see if anything beyond the original approved list surfaced since the previous run. In the reports, you can see that the Audit found 8 new cookies and 4 new tags that were not on the original standards list.

As you drill into “unapproved” cookies, you might find some that are unfamiliar to you. These should be reviewed further to determine purpose and ownership, and may need to be removed from the website.

Others might be immediately recognizable, like those from newly-published subdomains or a MarTech tool that was recently implemented. In this example Audit, the “utm_key” cookie from the “trustweek.onetrust.com” domain could be related to an event OneTrust hosts that simply wasn’t live during the previous run. In this instance, they could add that to the approved list.

 

Once that cookie is added, then any time it shows up in the future it will no longer be flagged as new or unapproved. ObservePoint enables you to continuously curate your cookie categorization and “approved” lists, so you only get flagged when items are truly out-of-standard, allowing you to focus solely on the critical issues that ensure your website stays in compliance.

If you’d like to see how you could audit your own website to continuously monitor for new or unapproved cookies and tags, reach out to get a pre-recorded demo.

Read the next post in our Website Privacy Validation series: Are requests coming from unauthorized countries, regions, or domains?

Related Posts

Sports Organization Establishes Reporting & Analytics Reliability

A professional organization with a massive tech stack and an impending site migration used ObservePoint to get legacy tech under control and establish automatic Audits for ongoing checks on site health and cleanliness.
Read More

A Guide to Continuously Monitoring Your Consent Management

We’ve taken highlights from an IAPP webinar with OneTrust and ObservePoint to give you a framework for organizing consent management validation: how often you should audit, what to look for, and how to remediate issues.
Read More

How to Remediate Issues Found in ObservePoint

Steps to take when your ObservePoint Audit finds common issues with your website.
Read More

Beyond Setup: Key Steps to Continuous Compliance in Consent Management

Learn why "set it and forget it" is a risky approach and how continuous monitoring can safeguard your compliance efforts.
Read More

ObservePoint and AI: Using AI to help you innovate with ObservePoint

In this episode, we cover how generative AI solutions like ChatGPT and Google Gemini can be combined with ObservePoint to unlock powerful, new insights with minimal effort or technical knowledge.
Read More

Top News from IAPP Global Privacy Summit 2024

We’re excited to share insights gathered at the International Association of Privacy Professionals (IAPP) Global Privacy Summit this April 3-4 in DC.
Read More

Sports Organization Establishes Reporting & Analytics Reliability

A professional organization with a massive tech stack and an impending site migration used ObservePoint to get legacy tech under control and establish automatic Audits for ongoing checks on site health and cleanliness.
Read More

A Guide to Continuously Monitoring Your Consent Management

We’ve taken highlights from an IAPP webinar with OneTrust and ObservePoint to give you a framework for organizing consent management validation: how often you should audit, what to look for, and how to remediate issues.
Read More

How to Remediate Issues Found in ObservePoint

Steps to take when your ObservePoint Audit finds common issues with your website.
Read More

Beyond Setup: Key Steps to Continuous Compliance in Consent Management

Learn why "set it and forget it" is a risky approach and how continuous monitoring can safeguard your compliance efforts.
Read More

ObservePoint and AI: Using AI to help you innovate with ObservePoint

In this episode, we cover how generative AI solutions like ChatGPT and Google Gemini can be combined with ObservePoint to unlock powerful, new insights with minimal effort or technical knowledge.
Read More

Top News from IAPP Global Privacy Summit 2024

We’re excited to share insights gathered at the International Association of Privacy Professionals (IAPP) Global Privacy Summit this April 3-4 in DC.
Read More