Consent-O-Matic: Automatically Answering Consent Pop-ups Using Adversarial Interoperability

BSTRACT The majority of consent pop-ups on the web do not meet the requirements for legally valid consent laid out in the General Data Protection Regulation (GDPR). In the face of a lack of enforcement, we present the browser extension Consent-O-Matic which uses adversarial interoperability to automatically answer these pop-ups based on the user’s preferences. We document how the current implementation of these pop-ups support and inhibit interoperability, focussing on the difference between static and dynamic HTML, the quality of the semantic markup, and the visibility of the system’s state; and we present the implementation of Consent-O-Matic. Lastly, we discuss the possibilities, limitations, and concerns of an adversarial approach.