You can't install credibility

25 May 2026

I’ve been thinking about the signalling or legitimacy aspect of software selection recently. Where software is chosen in order to communicate, for example, professionalism, above solving an actual problem.

It reminded me of a discussion I had when someone asked me to take a look at their new website. After browsing around, I asked them why they had a cookie consent banner when their site didn’t actually place any tracking cookies. Their answer: “it makes the site look more serious”.

I understand the instinct. Visitors arrive, they see the banner, they assume the organisation running the site takes things seriously.

But there’s a glitch with that logic.

A cookie banner doesn’t signal that you take privacy seriously, it signals that you’re tracking people and want to cover your ass. That’s the only reason these things exist.

I’ve mentioned it before: the ePrivacy directive only requires consent if you want to track. The banner is a workaround, bordering on malicious compliance.

Your cookie banner doesn’t project trust, it projects surveillance. People may click on “agree” because of consent fatigue, but they’re still mentally filing you into the “do not trust” box.

The absence of a cookie banner is what projects seriousness. Seriousness about your visitors’ privacy.

This isn’t limited to banners, more on this trap later.

Colin

Back to archive

Colophon
Privacy
Ethics
Newsletter
Contact
FAQ

This page last updated on 25/05/2026.

A full Markdown version of this site is available at https://consultcolin.eu/llms-full.txt — optimised for AI and LLM tools. A structured index of all pages is at https://consultcolin.eu/llms.txt.