Seems like opting out of website cookies doesn't actually guarantee you are opted out of website cookies

Global Cookie Opt-Out Signals Are Being Ignored by Major Tech Giants

If you click on almost any major website, you'll surely have noticed that you get asked about cookies. These files store your preferences and help companies track your data. However, it turns out that even if you decline to use them, there's a good chance you are not actually opted out of website cookies. A recent audit from webXray has found that "major technology companies simply ignore globally defined opt-out signals" (via TechSpot), revealing a critical gap between user choice and digital reality.

The 80% Failure Rate in Protecting User Privacy

The report, which analyzed 242 ad tech vendors, exposes a staggering 80% failure rate to adequately respect user opt-outs. According to the findings:

• 194 online advertising services were observed ignoring standard opt-out protocols.
• 55% of sites continued to set ad cookies even after users explicitly opted out.
• 78% of cookie banners, including those certified by Google, failed to protect their users from tracking.

Even more concerning is the specific failure of Google's own infrastructure. webXray examined Google's system and discovered that when an encoded opt-out signal is sent, Google responds by creating a new advertising cookie named IDE. The report notes that this non-compliance is "easy to spot, hiding in plain sight," suggesting that Google should instead respond to encrypted cookies with a 451 code (indicating the content is unavailable for legal reasons).

The data highlights severe compliance issues across the industry:

• Google failed to adequately opt-out users in 86% of cases, resulting in over 11,000 cookies being set despite user preferences.
• Microsoft, which creates a new MUID cookie even when an encoded signal is sent, failed to respect opt-outs in 50% of attempts (over 7,500 cookies).
• Meta's Pixel tracking code fails to check for opt-out signals entirely, resulting in a 59% failure rate and over 1,200 cookies set against user wishes.

Legal Fallout and the $5.8 Billion Liability Risk

The report argues that this widespread non-compliance has created a "legal minefield that puts users at risk." The financial consequences for these tech giants are substantial, with companies' liability exposure potentially racking up to a whopping $5.8 Billion. In their California Privacy Audit released on April 14, 2026, webXray highlighted that Google-Certified Cookie Banners failed to provide full protection in 100% of tested instances.

While the worry of legal fees and penalties might eventually force a correction, the current landscape suggests that opting out is not a guarantee of privacy. As webXray concludes, the industry's disregard for global standard signals means users remain vulnerable despite their best efforts to control their data.