May 13, 2026
Cookies, chaos, and civic cringe
European governments: 3.000 tracking sites, 1.000 phpMyAdmins, and 99% poorly
Europe’s public websites just got exposed, and the comments are torn between panic and shrugging
TLDR: A new European watchdog says thousands of government websites use illegal trackers, over a thousand have sensitive admin pages exposed, and almost all government email protection is weak. Commenters bounced between applause, national pride, and a heated shrug over whether fixing small local sites is worth the money.
A new watchdog site, SecurityBaseline.eu, has dropped a very awkward report card on European governments: about 3,000 public sites are using tracking cookies they likely shouldn’t, more than 1,000 database admin pages are sitting out in public view, and a jaw-dropping 99% of government email is using weak protection. In plain English: the people handling your taxes, permits, and local services may not be handling the internet side of things so well.
But the real show is in the comments, where the mood swings from “great public service” to “okay, but let’s not act shocked.” One early reaction was pure chaos: the site launched with big accountability energy, and someone immediately reported it was already down. That alone wrote half the punchline. Others were delighted to see governments being publicly graded, with one commenter joking they came ready to complain about Dutch towns, only to discover the Dutch were already roasting themselves.
The hottest mini-debate? Whether these exposed admin panels are a scandal or just boring everyday internet laziness. One commenter basically argued that for a tiny local government site, locking everything down might not be the best use of money. Meanwhile, another surprise twist had Italy catching rare praise, with users suggesting that shared website templates may have accidentally made things safer. So yes: there’s outrage, there’s defensiveness, there’s national scorecard drama—and a lot of people asking why public websites still look like they’re held together with digital duct tape.
Key Points
- •SecurityBaseline.eu was launched on May 13, 2026, by the Internet Cleanup Foundation as a European spin-off of the Dutch Basisbeveiliging program.
- •The foundation says it warned European governments about the upcoming publication three months in advance by sending tens of thousands of emails.
- •The platform highlights three main findings: around 3,000 governmental sites with tracking cookies, more than 1,000 publicly reachable database management interfaces, and 99% of governmental email being poorly encrypted.
- •SecurityBaseline uses Web Security Map software, which the article says has been developed for over a decade and presents results through country-by-country and metric-specific maps.
- •The monitoring scope covers 32 countries or administrative units, including EU member states, EEA countries, the EU itself, Switzerland, Norway, Iceland, and Liechtenstein, but not the United Kingdom.