Eight years of GDPR. Over \u20ac7.1 billion<\/strong> in cumulative fines since 2018 (\u00a0GDPR Enforcement Tracker \/ ComplianceHub.Wiki, January 2026 <\/a>). Thousands of cookie banners deployed across just as many websites.<\/p>\n Yet anyone who browses the internet knows the scene well: every time you open a site, a banner appears. You make a choice. You close it. You open another site. You start again. The next day, on the same site, the browser has wiped your preferences and the banner is back.<\/p>\n This consent fatigue<\/strong> is real and well-documented. But its root cause is not the consent mechanism itself: it is the quality of implementations. Dark patterns. No \"Reject\" button at the first level. In-app browsers that don't share storage with the system browser. Low-quality cookie banners that fail to correctly implement regulatory requirements.<\/p>\n Consent is not the problem. Poor implementations are.<\/strong><\/p><\/blockquote>\n A correctly configured Consent Management Platform, in compliance with EDPB guidelines, can significantly reduce unnecessary interactions. Consent, when properly implemented, does not feed consent fatigue - it reduces it.<\/p>\n But there are real structural inefficiencies that no Consent Management Platform, on its own, can fully resolve. The ongoing regulatory debate at European level has made this clear - and that is where the On 11 March 2026 we submitted the My Agile Privacy\u00ae Position Paper<\/strong> as part of the public consultation on the Digital Fitness Check. The document is available on the European Commission's Have Your Say platform <\/a>.<\/p>\n Our position is nuanced: we share the objective of reducing consent fatigue and simplifying the regulatory framework, but we flag specific risks that, if not addressed during the revision phase, could produce effects contrary to those intended - particularly for European SMEs and the digital sovereignty of the Union.<\/p>\n The central risk of Article 88b is precise: if browser signals were to replace<\/strong> the Consent Management Platform, they would not meet the requirements for specific and informed consent under Art. 4(11) GDPR. A preference expressed in general terms does not incorporate the information necessary to constitute informed consent with respect to the specific processing of each data controller.<\/p>\n Delegating consent to the browser without a Consent Management Platform is not simplification. It is a transfer of responsibility to an actor that lacks the tools to handle it.<\/strong><\/p><\/blockquote>\n It is in this context that navigator.consent<\/code> proposal originates.<\/p>\n
\nThe Digital Omnibus and our position to the European Commission<\/h2>\n
navigator.consent<\/code> sits within a broader regulatory debate that directly concerns the future of consent in Europe: the Digital Omnibus<\/strong> (COM(2025) 837), the European Commission's legislative proposal that, among other things, introduces Articles 88a and 88b into the GDPR, opening the door to browser-level configurable preference signals.<\/p>\nnavigator.consent<\/code> offers a different answer - and one more consistent with GDPR requirements.<\/p>\n
\nWhat
navigator.consent<\/code> is and how it works<\/h2>\nnavigator.consent<\/code> is a browser API proposal<\/strong> - currently in the status of a public RFC (Request for Comments), not yet a W3C standard (World Wide Web Consortium, the international body that defines web technical standards) - that creates a neutral interoperability layer between Consent Management Platforms and \"Privacy Assistants\": browser extensions that automatically apply the user's consent preferences.<\/p>\n