Do I need a 'Reject All' button?

Unsure if your cookie banner needs a “Reject All” button? Here’s our recommendation for GDPR and CCPA compliance, based on the express provisions of the governing regulation and recommendations from official bodies with legal personality, or official government agencies.

To be safe, add a reject all button to your cookie banner

Including a ‘Reject All’ button on the first level of your consent banner is the easiest way to ensure you’re compliant with privacy laws. Why second guess yourself? Besides, why are you making it so hard for your users to make pro privacy choices? If you’re worried about  losing your Google Analytics data, just use Google Consent Mode. This way you can keep some important marketing data, and your users can keep their privacy rights!


Does your cookie banner need a reject all button under the GDPR?

If the GDPR applies to you, we recommend you provide a ‘Reject All’ button whenever you provide an ‘Accept All’ button.


The official GDPR text states:

“Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent


This might sound a little ambiguous so here’s an interpretation from the European Data Protection Board’s (EDPB) cookie banner task force from their report of the work undertaken by the Cookie Banner Taskforce

“When authorities were asked whether they would consider that a banner which does not provide for accept and refuse/reject/not consent options on any layer with a consent button is an infringement of the ePrivacy Directive, a vast majority of authorities considered that the absence of refuse/reject/not consent options on any layer with a consent button of the cookie consent banner is not in line with the requirements for a valid consent and thus constitutes an infringement.”


Does your cookie banner need a reject all button under the CCPA?

If the CCPA applies to you, we recommend that you provide a ‘Reject All’ button whenever you provide an ‘Accept All’ button.


According to the California Privacy Protection Agency Enforcement Division’s Enforcement Advisory no. 2024-02, you should follow the principle of ‘symmetry in choice’.

“Symmetry in choice. The path for a consumer to exercise a more privacy-protective option shall not be longer or more difficult or time-consuming than the path to exercise a less privacy-protective option because that would impair or interfere with the consumer’s ability to make a choice.”


If you’re unsure how to interpret this, the CPPA provides specific guidance that businesses should ask themselves:

  • Is the language used to communicate with consumers easy to read and understandable?
  • Is the language used straightforward and does it avoid technical or legal jargon?
  • Is the consumer’s path to saying “no” longer than the path to saying “yes”?
  • Does the user interface make it more difficult to say “no” rather than “yes” to the requested use of personal information?
  • Is it more time-consuming for the consumer to make the more privacy-protective choice?

If you answered yes to any of the above, your cookie banner probably isn’t meeting the CCPA’s requirements!

So, do you need a Reject All button on your cookie consent banner?

If you have an ‘Accept All’ button on the first level of your consent banner, our recommendation is that you should absolutely provide a ‘Reject All’ button on the same level.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us