If any of your readership is in Europe, your website’s browsing experience has probably changed a lot in the last few months.

Instead of seamlessly accessing a website and reading its content, you’ll first have to battle your way through a barrage of popups asking you to give consent to cookies, tracking and countless other things. Fail to accept or agree to the requests, and there’s a good chance you won’t be able to access the content at all.

These kinds of experiences are played out time and time again on the web. The process of accepting or declining the terms of a cookie popup or even navigating away from a website because of them can prove irritating, so it wouldn’t be surprising if they are having an adverse effect on the way users browse online.

So, what are all the GDPR popups about? And are they really having a measurable impact on user experience and the way we browse?

Which is More Important: UX or Popups?

In the eyes of Wired’s Matt Burgess, GDPR has been a long time coming. Original data protection rules across Europe had struggled to keep pace with rapid technological changes. As companies logged the browsing habits of users at a quicker pace, any previous legislation that protected consumer data seriously slacked behind.

Cybersecurity expert Bruce Schneier certainly thinks individuals “should be alarmed, both as consumers and citizens” at data collection technologies like cookies. The cause for alarm comes from an ethical concern as to whether businesses have the right to track and store private data.

Love it or hate it, GDPR makes popups a necessity. Writing for the International Association of Privacy Professionals (IAPP), Gabe Maldoff notes how pre-ticked boxes or inactivity is presumed inadequate to confer consent under the GDPR. This means any user has to actively opt in for data harvesting.

But should those opt-ins get in the way of UX? Not if UX us as important as most companies believe it to be.

Over the past two decades, UX has risen to become a key part of any web design operation. And according to Jennifer Smith, a UX consultant for Fortune 100 companies, this isn’t surprising. Smith notes how UX impacts the success of an entire organisation — so much so that every dollar spent on UX has a potential ROI of up to 500 percent. With such a high return, it’s no surprise that webmasters are concerned about UX.

For creative director Goran Paunovic, UX is necessary to quickly gain trust, keep users on site and improve brand recognition. Good UX can be the difference between users staying on site and building a relationship with your brand or leaving and never coming back.

Mabl marketing lead Mike Ciulla goes one step further, claiming “UX is everything.” What else could be more important in your company than making your customers happy, Ciulla asks.

But even if it is everything, are GDPR popups really having such an impact on UX?

crash - GDPR

Drops in Traffic and Damaged Brand Reputation

Wez Maynard at Vertical Leap points out that users bounce more frequently in the face of popups. As a result, website traffic suffers. Further, Maynard argues that popups damage brand reputations in the eyes of users.

Could GDPR and similar future regulations force companies to sacrifice their branding in the name of compliance? Or do across-the-board changes simply normalize clunky web experiences?

An answer might be emerging. Mustafa Mirreh at PerformanceIN cites one study from Mailjet that found brands in the UK and France are cutting back on paid search and retargeting campaigns. As a result, some brands are bracing for a 50-percent reduction in web traffic.

This could still be a good thing, of course. Maybe this just means that the incentives for overly aggressive advertising are disappearing. That’s the optimistic view.

The pessimistic view is that some of the traffic-driving tactics many brands rely could become obsolete.

But Not Having Popups Can Lead to an Even Worse UX

Some sites have opted out of the popup game.

Rather than add more popups to comply with GDPR, they have blocked access entirely. Mikko Hypponen, CRO of F-Secure, noted in a series of tweets how a number of sites and services are severely limiting operations in Europe or shutting their sites down to EU citizens completely. This has left many Europeans without access to their favorite sites, begging the question of which is worse: a bad user experience or no user experience whatsoever?

Context here is important. As data protection expert Brian Honan points out, these companies have had two years to get their act together to become GDPR-compliant. What do their ham-fisted solutions say about their opinion of European users?

And as Port CEO Julian Saunders notes, many of these companies blocking EU traffic still hold data on EU citizens, meaning they are still required to comply with the regulations.

In other words, blocking traffic is pointless and just delivers bad UX with no upside.

The Impact on UX May Depend on the Popup

For most brands, the question isn’t as simple as having popups vs. not having popups. There is no standard popup to appease GDPR, and different companies are taking vastly different approaches. And the truth is the way that popups are implemented could dramatically change user experience and the fortunes of companies.

Journalist Nitasha Tiku, writing for Wired, cites a study by PageFair, a SaaS company that helps publishers to handle ad blockers. PageFair gave website visitors a choice for being tracked: to only accept first party tracking or to reject all tracking unless it was strictly necessary. Only 5 percent of users accepted the first option.

Conversely, retargeting company Criterio tested a small banner at the bottom of the page that told users they consented to tracking by clicking any link on the page. Criterio didn’t provide any data, but it’s not hard to believe that the average browsing experience remained similar to the pre-GDPR experience.

Journalist Martin Brinkmann, writing on ghacks.net, also highlights two approaches to GDPR consent popups and their resulting impact on UX.

The first example he cites is USA Today, which redirects EU visitors to a walled-off version of the site. According to Brinkmann, the page loads instantly and comes without any ads or tracking. But the site comes without a menu, and you can only browse the top headlines. Depending on who you are and how you use the site, this is either a fantastic experience or a terrible one.

The Verge, Brinkmann notes, takes a different approach. There is no option of not giving consent to tracking on their website. You either accept, or you a half-page banner remains on the site for as long as you are on it. However you use the site, this is a terrible user experience.

Projects By If is currently doing some fascinating research into how popups and consent forms can impact a site’s UX. They currently list seven prototypes that show how UX can work with data consent forms to create a cohesive design that enhances the user’s experience rather than hindering it.

design - GDPR

Safeguarding Information Can Be Good for UX

But what if privacy popups actually create a better experience in the minds of users?

According to a study by Accenture’s Robert Wollan, Rachel Barton, Masataka Ishikawa and Kevin Quiring, 87 percent of consumers think it’s “important for companies to safeguard their information.” Perhaps, then, the introduction GDPR should be welcomed as an opportunity for enterprises to forge better relationships with consumers. In the opinion of Scalefast, users are more likely to praise a company that works with them to protect their data instead of covertly storing their browsing habits.

Computer Weekly’s Mike Gillespie also thinks that GDPR regulations are a bonus for businesses. Gillespie thinks “it’s not just about confidentiality, it’s about integrity, accuracy and availability – and it’s just plain good business practice.” In this sense, UX benefits from the new legislation because the consumer is more open to engage with an honest enterprise that seeks to protect their rights on the web.

Grace Murphy from Security Intelligence points out a further benefit of compliance with GDPR for businesses. Murphy sees the potential for “stronger collaboration across business units,” which will only serve to foster a “greater sense of community and cohesiveness.” The potential result for user experience? A company that is clear in its intentions and a product that can be trusted — all while the rights of customers are protected.

The Way the Cookie Crumbles

Only one thing seems clear at this point: The impact of popups on UX divides opinions. But perhaps that actually makes complete sense.

After all, as Jennifer Derome at User Testing Blog observes, UX comes down to “how you feel.” As such, UX is ultimately a user-defined quality. Some will find comfort in the protection of popups, while others will inevitably be discomforted. Businesses can do nothing but comply with GDPR — or face fines — and only time will tell whether users are put off by the effects of this compliance.

Images by: antonioguillem/©123RF Stock Photo, Chuttersnap, scyther5/©123RF Stock Photo

Casey Meehan