Violations
Fingerprinting script persists after rejection
high Cookie Consent
Regulation
ePrivacy Directive — Cookie ConsentHow common
Relatively rare, but when it occurs it signals either intentional dark-pattern behavior or a deeply embedded third-party script that the CMP cannot control.
What this means
A browser fingerprinting script continued to collect device characteristics after the visitor explicitly rejected cookies. The visitor’s choice was ignored.
Why this is a serious violation
Fingerprinting after rejection combines two aggravating factors: the use of a tracking technique specifically designed to be invisible, and the disregard of an explicit refusal. Regulators view this combination as evidence of intentional non-compliance.
How to fix
- Audit all third-party scripts for fingerprinting behavior — many fraud-prevention and bot-detection tools use fingerprinting as a side effect
- Ensure CMP controls actually block script execution, not just cookie writes — fingerprinting does not use cookies, so cookie-blocking alone is insufficient
- Review CDN and security scripts: some DDoS protection and bot-detection services embed fingerprinting that runs outside CMP control
Check your website for this violation
Free scan — no registration required. Results in 30 seconds.
Scan now