April 14, 2026
Click 'No'? They heard 'More, please'
Google, Microsoft, Meta All Tracking You Even When You Opt Out
Audit says opt-outs ignored; commenters demand real penalties and joke 'dolphins be damned'
TLDR: A new audit claims Google, Meta, and Microsoft often ignore California “do not track” signals and still set ad cookies; the companies dispute it. Commenters are split between fatalists, technical nitpickers, and punishment hawks, joking about “dolphins be damned” while demanding enforcement that actually scares Big Tech.
An independent audit lit up the internet with a spicy claim: even when Californians hit “do not track,” Google, Microsoft, and Meta allegedly still drop ad cookies. webXray says it scanned 7,000 popular sites and found opt-outs were ignored more than half the time—Google 87%, Meta 69%, Microsoft 50%. Google fired back that the report “misunderstands” its tech, but the crowd wasn’t buying the vibes.
The comment section went full courtroom drama. One top voice sighed that we should always assume it’s recorded, settings be damned. Another camp said the real problem isn’t just cookies; “Cookies ≠ tracking,” pointing out companies can follow you without them, while die-hards joked the fix is simple: turn off JavaScript. Meanwhile, the angry bloc demanded pain, not pocket change: fines that “do real damage,” maybe even jail time, because current penalties feel like a cost of doing business. Cue memes: “Big Tech is a trawler net—dolphins be damned.”
Adding fuel, the audit called out those endless cookie pop-ups—Consent Management Platforms (CMPs)—as theater, noting Google even certifies some CMPs, a conflict critics love to hate. Ex-Googler and webXray founder Timothy Libert told 404 Media fines have basically become taxes. The community verdict? If opt-out signals like Global Privacy Control aren’t honored, then the “No” button is just decoration—and everyone’s over it.
Key Points
- •webXray’s audit of 7,000+ popular California websites found 55% set ad cookies despite users opting out via GPC.
- •Reported GPC non-compliance rates: Google 87%, Meta 69%, Microsoft 50%.
- •Audit details alleged behaviors: Google’s servers set an IDE ad cookie despite 'sec-gpc: 1'; Meta’s code sets cookies without GPC checks; Microsoft failed similarly half the time.
- •Google, Microsoft, and Meta disputed the research, with Google citing a 'fundamental misunderstanding.'
- •webXray, founded by ex-Google cookie policy lead Timothy Libert, also scrutinized CMPs and Google’s CMP Partner Program in the context of opt-out effectiveness.