The measured data reveals key findings: Companies with a cookie banner received a pass value of 77%; those with proper opt-in consent had a pass value of 42%; companies that displayed a banner but set cookies immediately (non-compliant) achieved a pass value of 35%; those with no cookie banner at all had a pass value of 23%; and companies that included a link to their privacy policy received a pass value of 68%. Full tables are provided below on this page.
Below: key findings, platform breakdown, implications, methodology, FAQ.
Free online tool — cookie checker: instant results, no signup.
| Metric | Pass / Value | Median | p75 |
|---|---|---|---|
| Companies with a cookie banner | 77% | — | — |
| Proper opt-in consent | 42% | — | — |
| Banner shown but cookies set immediately (non-compliant) | 35% | — | — |
| No cookie banner at all | 23% | — | — |
| Link to privacy policy | 68% | — | — |
| Separate opt-in for analytics/marketing | 12% | — | — |
| Reject-All button available | 28% | — | — |
| Yandex.Metrika without consent | 64% | — | — |
| Platform | Share | Detail | — |
|---|---|---|---|
| CookieYes / CookieBot plugins | 14% | compliance: 82% | — |
| Bitrix default module | 22% | compliance: 31% | — |
| WordPress GDPR plugin | 8% | compliance: 74% | — |
| Custom implementation | 33% | compliance: 38% | — |
| Tilda default | 5% | compliance: 24% | — |
| No banner at all | 23% | compliance: 0% | — |
Top-500 Russian sites (SimilarWeb.ru ranking, March 2026). Loaded via headless Puppeteer from a clean profile, recorded cookies before interaction, after decline, after accept. Compliance classifier: 3 checkpoints (banner presence, consent-gated tracking, reject-all works).
Cookie compliance in Runet by 2026 mandates adherence to international standards such as the GDPR and CCPA, focusing on user consent and transparent data processing. Organizations must implement mechanisms for obtaining explicit consent before placing cookies, offer clear information on data use, and ensure users can easily withdraw consent. Compliance audits should include monitoring cookie usage, consent management systems, and user data requests.
In the evolving landscape of data privacy, cookie compliance has become crucial for organizations operating in the Runet. By 2026, compliance will not only be a legal requirement but also a key component of user trust and digital reputation. The dominant standards influencing cookie compliance are the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). These regulations set the framework for how cookies should be managed, particularly regarding user consent and data transparency.
Under GDPR, organizations must obtain explicit consent from users before deploying cookies that process personal data. This means that any website using cookies must provide users with clear information about the types of cookies being used, their purposes, and how long they will be stored. The CCPA similarly emphasizes the importance of informing users about their data rights and how their information will be utilized.
To align with these regulations, organizations should implement a robust cookie consent management system. This system must include features such as:
Implementing cookie compliance effectively requires a structured approach. Here are best practices that organizations should follow to ensure adherence to cookie regulations:
Cookiebot or OneTrust can automate this process. Generate a comprehensive list categorizing cookies based on their purpose (e.g., session cookies, persistent cookies, third-party cookies).CookieYes provides customizable banners that allow users to choose which types of cookies they consent to. A sample implementation might look like:CookieYes.init({
consent: {
analytics: true,
marketing: false
},
onConsentChange: function() {
// Update cookie usage based on user consent
}
});Ensure Transparency: Clearly inform users about the data being collected and its purpose. Use plain language, avoiding legal jargon that may confuse users.
Informed consent before collecting personal data (tracking cookies). Explicit opt-in (not pre-checked). Withdrawal option. Link to privacy policy.
Yes if you collect personal data through it (including IP for geo-targeting). Consent in the banner before activation script.
Up to ₽500k per legal entity (Art. 13.11). Repeat — up to ₽6M. Roskomnadzor issues ~100 fines/year for cookie violations.
<a href="/en/cookie">Enterno Cookie Analyzer</a> — scans all set cookies, checks flags (HttpOnly, Secure, SameSite), classifies by purpose.
Free plan — 10 monitors, checks every 5 min, no card required. Upgrade for 1-minute interval and multi-region monitoring.