Almost Half of Top Websites Now Misconfigure Google Consent Mode in Violation of Privacy Laws, Privado AI Research Finds

Staff Editor 2026-06-23
Almost Half of Top Websites Now Misconfigure Google Consent Mode in Violation of Privacy Laws, Privado AI Research Finds

Almost Half of Top Websites Now Misconfigure Google Consent Mode in Violation of Privacy Laws, Privado AI Research Finds

https://www.businesswire.com/news/home/20260623138373/en/Almost-Half-of-Top-Websites-Now-Misconfigure-Google-Consent-Mode-in-Violation-of-Privacy-Laws-Privado-AI-Research-Finds

Publish Date: 2026-06-23 08:00:00

Source Domain: www.businesswire.com

NEW YORK–(BUSINESS WIRE)–Privado AI, the agentic privacy platform reducing compliance risk at scale, today released research finding that 48% of the most-visited websites it tested have a misconfigured Google Consent Mode, sending personal data to Google Ads, even when visitors opt out.

The scan of 250 of the most-visited websites across California, France and the UK was run the morning after June 15, 2026, when Google removed the Google Analytics setting that had limited personalized ads when consent was set up wrong. With that backstop gone, Consent Mode is now the only control standing between a visitor’s choice and the Google ad stack. Any Consent Mode misconfiguration will now send the full signal to Google Ads for cross-device remarketing against visitors’ consent.

Consent management platforms record a visitor’s choice, but they were not built to verify if it is enforced across the tags and third parties that fire on a page. As marketing teams change third-party data flows week to week, new gaps open that the banner cannot catch.

On 48% of the sites Privado AI scanned, the visitors’ personal data was sent to Google Ads without proper consent. A person who opts out, expecting not to be followed, will still see personalized ads from that website across devices linked to their Google account. For the business running the site, the gap between the choice on screen and the data leaving the page is the compliance exposure for CCPA, GDPR, and many other privacy laws.

What the scan found

  • 48% of sites have at least one Google Consent Mode misconfiguration

  • 40% in California keep Consent Mode granted after a Global Privacy Control opt-out, violating CCPA

  • 28% in Europe start in a granted state by default, violating GDPR

  • 19% in Europe do not switch to denied after a visitor selects reject all, violating GDPR

  • Across the wider compliance study, 90% of sites fail at least one privacy compliance test, and 87% fail at least one check…

Source

More Stories

EUDI Wallet biometric compromise draws privacy concerns

EUDI Wallet biometric compromise draws privacy concerns

Staff Editor 2026-06-23
Morrison Foerster’s Data, Cyber + Privacy Practice Awarded Tier 1 Ranking in The Legal 500 United States 2026

Morrison Foerster’s Data, Cyber + Privacy Practice Awarded Tier 1 Ranking in The Legal 500 United States 2026

Staff Editor 2026-06-23
We might have to wait for Privacy Display on non-Samsung phones

We might have to wait for Privacy Display on non-Samsung phones

Staff Editor 2026-06-23

Terms and Conditions - Privacy Policy