Since the GDPR went into effect it's hard to navigate the web without an endless barrage of "consent" notices asking you to agree to being tracked by unanmed third parties.
This study looks to understand current user interface trends in Consent Management Platforms (CMPs) and how these designs affect the validity of the obtained "consent".
We found that dark patterns and implied consent are ubiquitous; only 11.8% meet the minimal requirements that we set based on European law. Second, we conducted a field experiment with 40 participants to investigate how the eight most common designs affect consent choices. We found that notification style (banner or barrier) has no effect; removing the opt-out button from the first page increases consent by 22–23 percentage points; and providing more granular controls on the first page decreases consent by 8–20 percentage points.
I'd love to see more studies in this area and I hope regulators are keeping their eyes peeled. Focusing regulatory and enforcement action on CMP's would certainly act as a catalyst in increasing legitimately obtained consent across the web due to the complexity of rolling your own CMP.