In response to growing concerns about user privacy, legislators have introduced new regulations and laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) that force websites to obtain user consent before activating personal data collection, fundamental to providing targeted advertising. The cornerstone of this consent-seeking process involves the use of Privacy Banners, the technical mechanism to collect users' approval for data collection practices. Consent management platforms (CMPs) have emerged as practical solutions to make it easier for website administrators to properly manage consent, allowing them to outsource the complexities of managing user consent and activating advertising features. This paper presents a detailed and longitudinal analysis of the evolution of CMPs spanning nine years. We take a twofold perspective: Firstly, thanks to the HTTP Archive dataset, we provide insights into the growth, market share, and geographical spread of CMPs. Noteworthy observations include the substantial impact of GDPR on the proliferation of CMPs in Europe. Secondly, we analyse millions of user interactions with a medium-sized CMP present in thousands of websites worldwide. We observe how even small changes in the design of Privacy Banners have a critical impact on the user's giving or denying their consent to data collection. For instance, over 60% of users do not consent when offered a simple "one-click reject-all" option. Conversely, when opting out requires more than one click, about 90% of users prefer to simply give their consent. The main objective is in fact to eliminate the annoying privacy banner rather the make an informed decision. Curiously, we observe iOS users exhibit a higher tendency to accept cookies compared to Android users, possibly indicating greater confidence in the privacy offered by Apple devices.

翻译：针对日益增长的用户隐私担忧，立法者推出了《通用数据保护条例》（GDPR）和《加州消费者隐私法案》（CCPA）等新法规，要求网站在激活定向广告所依赖的个人数据收集前必须获取用户同意。该同意获取过程的核心在于使用隐私横幅——收集用户对数据收集行为认可的技术机制。同意管理平台（CMP）作为实用解决方案应运而生，帮助网站管理员简化同意管理流程，将处理用户同意及启用广告功能的复杂事务外包。本文对CMP历时九年的演变进行了纵向详细分析。我们采取双重研究视角：首先，借助HTTP Archive数据集，揭示了CMP的增长趋势、市场份额及地理分布特征——其中显著发现包括GDPR对欧洲CMP普及产生的实质性影响；其次，分析了全球数千个网站中某中型CMP的数百万用户交互数据。研究发现，隐私横幅设计的微小改动都会对用户同意或拒绝数据收集的决定产生关键影响。例如，当提供"一键拒绝所有"的简易选项时，超过60%的用户选择拒绝；反之，若拒绝流程需多次点击，约90%的用户倾向于直接同意。其主要动机实为消除烦人的隐私横幅而非做出知情决策。有趣的是，iOS用户比安卓用户表现出更高的cookie接受倾向，这或许暗示其对苹果设备隐私保护更有信心。