Does your cookie banner manipulate your users?
Dark patterns in cookie banners are the most common reason for GDPR fines. Our scanner automatically detects whether your banner uses manipulative design tricks.
What Are Dark Patterns?
Dark patterns are design tricks that lead users to take unintended actions — for example, consenting to cookies and tracking. In cookie banners, this commonly manifests as missing or hidden reject buttons, manipulative color schemes, or misleading wording.
The EU has explicitly banned dark patterns with the Digital Services Act (DSA) (Art. 25). The GDPR also implicitly prohibits them: consent obtained through manipulation is invalid (Art. 4(11), Art. 7 GDPR).
What Compliso Detects
Three critical dark pattern categories that data protection authorities actively enforce.
Missing Reject Button
High fine riskProblem: A cookie banner without an equivalent reject button is a clear GDPR violation. The EDPB guidelines (05/2020) require: accept and reject must be equivalent and equally easy to reach.
Consequence: Fines of up to 4% of annual revenue. The French CNIL imposed 60 million EUR on Microsoft and 150 million EUR on Google in 2022 — partly for missing reject buttons.
Compliso check: Compliso automatically detects whether your banner has a visible reject button and whether it is equivalent to the accept button.
Hidden Reject Option
High fine riskProblem: The accept button is prominently visible, but reject is hidden behind "Settings" or "Learn more." Data protection authorities classify this as manipulative design.
Consequence: The Austrian DPA and German state authorities have already initiated proceedings over hidden reject options. Consumer protection organizations are also actively sending cease-and-desist letters.
Compliso check: Our scanner checks whether the reject button is visible on the first layer of the banner — not only after clicking "Customize."
Unequal Button Styling
Medium riskProblem: Accept in bright green, reject grayed out or as an inconspicuous text link. This visual manipulation (nudging) is increasingly challenged by supervisory authorities.
Consequence: The EDPB has clarified in its guidelines: buttons must be equivalent in size, color, and placement. A violation can render consent invalid.
Compliso check: Compliso analyzes the DOM structure of your banner and checks whether the accept and reject buttons are styled equivalently.
Real Fines for Dark Patterns
Dark patterns are not a theoretical risk. Data protection authorities are already imposing multi-million fines.
| Authority | Company | Fine | Year |
|---|---|---|---|
| CNIL (France) | 150M EUR | 2022 | |
| CNIL (France) | Microsoft | 60M EUR | 2022 |
| CNIL (France) | Criteo | 40M EUR | 2023 |
| BayLDA (Germany) | Various SMBs | Proceedings | 2023-24 |
Sources: EDPB Enforcement Tracker, CNIL decisions. SMBs are also affected — especially through consumer protection lawsuits.
Compliso Protects You Twice
Scanner detects dark patterns
Automatic detection in third-party and your own banners. The latest check rules are applied with every scan.
Compliso banner is dark-pattern-free
Our own cookie banner shows accept and reject equally on the first layer. EDPB-compliant by design.
Find dark patterns before the authorities do
Start a free scan now and find out if your cookie banner contains manipulative patterns.