engine..the problem is "if a site has set out to comply with GDPR" , but in fact is not compliant, ( by omission or by being deliberately tricky with "implementation" ) what does that tell anyone about bounce rate changes due to GDPR ?..
If anything all it tells anyone about is what people do when they see different types of notices about anything.
Whether banners ( about anything ) are better than modals or better than interstitials etc..
If the "does bounce rate change with notices about apples" "survey" is about apples..
Experiences about "bounce rate with notices about oranges " or other fruit isn't relevant..or scientific..
We already know that some webmasters don't like telling any visitors about how the webmaster makes their money from the visitor being on the site..that is why many affiliates do not declare on their sites that they are affiliates promoting products..and laws had to be made..and many ignore the laws, and , or try to claim that they are following those laws, when , in fact, they are not.
GDPR is no different..

Example of a GDPR notice which tells us nothing about "bounce rate due to GDPR"..if the "notice" requires that the visitor has javascript allowed for the notice to even be visible ( that way of serving GDPR notice is not compliant ) any "bounce" will not be due to GDPR.
if the notice is a "click through" "I agree" ..or "by continuing to use this site you accept" ..then any "bounce" or any continuance also tells us nothing about "bounce due to GDPR" because that was not GDPR.

To use a car analogy, discussion or observation about the road holding of cars with tires, depends on actually having tires fitted, not driving on the rims , but calling them the tires..

I understand what you are saying, got it, and it's noted.

To use a car analogy, discussion or observation about the road holding of cars with tires, depends on actually having tires fitted, not driving on the rims , but calling them the tires..

Only crooks think they can drive on rims!

Let's assume GDPR notice is implemented correctly on a site.
The site's stats will show whether there is a bounce, or not, or it's all fine.

Let's assume GDPR notice is implemented correctly on a site.
The site's stats will show whether there is a bounce, or not, or it's all fine.

I was going to say that this takes us right back where we started, since there is no independent verification of correct implementation and it’s all down to the site owner’s say-so.

:: vague mental association with height and weight on official ID, which in most cases--at least in the US--is entirely self-reported ::

But if the universal response to GDPR is to make changes--whether those changes are correct, incorrect, or just-plain-stupid (like the npr example cited upthread)--then in a sense all of those responses are ultimately attributable to GDPR.

Maybe a better analogy is “operator error”. If you hit the gas by mistake for the brake, that is technically “operator error” and the human is to blame--but if it happens far more often with Brand A than with Brand B, you also have to hold Brand A responsible.

This leaves unanswered a fairly important question: are GDPR regulations genuinely too complicated for the average human to understand, or are some people just too dim to operate websites?

are GDPR regulations genuinely too complicated for the average human to understand,

I know plenty of "average" people ( webmasters and no webmasters ) who understand them.
I'd add a third possibility..
Or are some website owners "driving on the rims" deliberately to hide how their website makes it's money...and to avoid "bounces" that would happen if visitors knew..


As Google is technically a website ( the search bit ) ..they don't explain GDPR when one uses them to search, and yet they should have GDPR notices on their search site to be GDPR compliant..( there are no exemptions to GDPR for search engines ) they could send people who "disagree" to another version like say ..the sort that Quant uses..all the Googly searchness , with none of the Googly trackyness..

Google must think that their bounce rate would be huge if people knew ( most don't ) how they track one when one searches..so they put no GDPR notices..They'd only have to do it once per visitor ( different people on the same machine, gets more complex, but then so is / will be, different people on the same browser )..But Google don't show the notices..

Given that this all came into focus at the beginning of the summer..it will probably take at least 6 months, maybe a year before any meaningful figures can be given by anyone..at which time , the EU law relative to browsers, "I accept tracking cookies" or "I do not accept tracking cookies" will have superceded / superseded it to a very large degree..

Then we really will hear much wailing and gnashing of teeth..( for those with no teeth..teeth will be available via google shopping links* )

*To paraphrase a certain Norn politician.

Too many assumptions are being bandied about. It is also too early to know what results might be out there (after time and implementation provide meaningful data points to examine). The question, as posed, is too vague and too early. That said, this has been an interesting thread!

The enactment of the GDPR affects all websites, whether the site is GDPR compliant or not.

Users are more aware of privacy violations in part because of the numerous data breaches and Facebook info harvesting. Site visitors are behaving differently. Bounce rates may indeed have changed.

The GDPR is likely the most significant cultural dynamic on the web since the proliferation of advertising itself.

The paradox is that these are Internet giants which are causing the more damages to the privacy of people, and they are also the one the less impacted. Yes, supposedly people are running away from Facebook, but Facebook continues to show good financial health (of course it might not last, who knows), and as for Google, which is also champion in data collection and compiling, it continues to align two digits growth per year.

If a site has set out to comply with GDPR, has the site received a change on bounces?

Well, I suppose I could put what I have said earlier another way: my site has set out to comply, it does comply, and bounce-rate has not been affected. I imagine that many sites presenting a non-compliant notice, pop-up, banner, or some other thing that interferes with UE will have a higher bounce-rate than they did before they presented it.

they are also the one the less impacted

They are the ones which are least compliant now. In principle, GDPR completely undermines their business model, so its impact on them is yet to be seen. It is quite possible that they will be heavily fined in the not-too-distant future. Multiple complaints were lodged against Facebook and Google within hours of GDPR coming into force.

The intention of GDPR is to clarify and tighten the law so that the widespread privacy violations that have become an increasingly common feature of web-browsing (but not only of web-browsing) are - hopefully - brought under control.

On the question of consent, the UK Information Commissioner's Office (ICO) is fairly clear, in particular: Avoid making consent to processing a precondition of a service ([ico.org.uk ]).

We implemented Ezoic's GDPR consent mechanism on July 1, and our bounce rate hasn't changed, despite the fact that Europeans are our largest audience. I'll admit this has me a bit surprised, since Ezoic has an option to enable consent worldwide (not just in the EU), but warns against doing so: "Not recommended as consent tends to decrease revenue by 20 - 50% and increases bounce rate."

Ezoic's GDPR consent mechanism..is not GDPR compliant..far from it..

an option to enable consent

that is the "I agree" part
and the option to "disagree and continue" is where ?..
Without that "disagree and continue" it is not GDPR compliant..Nor is requiring javascript to be allowed before one can see any options about agreeing or disagreeing..
Thus any ( or no ) changes to bounce rate ( up or down ) on sites using Ezoic's method has no bearing on "GDPR might be causing higher bounce rate"..
Ezoic's consent mechanism is ..
as engine said.."driving on the rims".. :)

btw..Why using a "notice" that requires javascript to be enabled to see the notice is not GDPR compliant..is because if the visitor has to allow javascript to see the notice, the site has already had the opportunity to place a cookie via javascript , by the time that the visitor sees the "choice"..if they actually see a "choice"..and not just a "by continuing you agree" notice which is not a "choice"..and is thus the notice itself is also not GDPR compliant..
Simple..:)

Ezoic's GDPR consent mechanism..is not GDPR compliant..far from it.

I didn't say that it is. (Nor did Ezoic.) As I stated earlier in this thread:

Ezoic recently had a podcast on this. The gist of the discussion was that hardly any publishers (even big European publishers) were in technical compliance with the law, with most publishers treating the consent choice as opt-out rather than opt-in.

In any case, my post of today isn't about whether Ezoic's GDPR solution is compliant (that's beside the point), it's about the real or possible effects of GDPR on bounce rate.

To quote engine from above

Let's assume GDPR notice is implemented correctly on a site.

"correctly "meaning in compliance with GDPR..
So..if a site is not implementing a compliant GDPR notice..any observations it ( or it's owner ) has about "bounce rate" have nothing to do with GDPR..
"Driving on tires" as opposed to" driving on the rims", and telling the visitors that the "rims" are really tires..
Why not be truly GDPR compliant, ( and honest with visitors, rather than try to trick them into thinking that the site is GDPR compliant ) and then any differences in "bounce rate" ( or not) will be GDPR related..

If one wants to know if A affects B..one has to actually use A..and not merely try to mislead visitors into thinking that "something" is A..

That doesn't tell anyone about real or possible effects of GDPR..

Why do sites put up notices about "GDPR consent"..that are not GDPR compliant..

Are the sites so worried that visitors really would bounce if they knew the truth about what the site ( or it's partners ) are doing ?

Ezoic recently had a podcast on this. The gist of the discussion was that hardly any publishers (even big European publishers) were in technical compliance with the law, with most publishers treating the consent choice as opt-out rather than opt-in.

That sounds a lot like Ezoic are saying ( as their GDPR notice is not compliant ) that they think most sites are breaking the law, so they and their partners should do so also..Wonder how they are about speeding in a school area, or stopping for red lights..

I think the added bounce (if there is any) has less to do with "the truth about what the site (or its partners) are doing" than with the presence of a barrier to the content. The consent mechanism is like an interstitial ad: It's annoying at best.

Ireland's Office of the Data Protection Commissioner has taken up the ?first? GDPR compliance complaint: that FB refuses to hand over data held on a person (Michael Veale) because it is too difficult to locate...

I must order in extra popcorn...

I've seen relatively (very) few GDPR compliant opt-ins. Given the similarity in the 'mistakes' I do wonder if sites are counting on being seen as acting in good (if erroneous) faith and not in the initial low hanging fruit of outright egregious examples that might be made examples of to set eventual understood minimums that will eventually have to be adopted.

Besides the 'mistakes' in execution I have to wonder at the total lack of optimising wording away from legalese and dark patterns towards succinct clarity in common language... Ah well, I do love a good competitive advantage...

I think the added bounce (if there is any) has less to do with "the truth about what the site (or its partners) are doing" than with the presence of a barrier to the content. The consent mechanism is like an interstitial ad: It's annoying at best.

Exactly!

It is the (non-compliant in almost all cases) pop-up that has the effect, not compliance.

You only need consent if you're doing something your users need to agree with, and the question of how you get them to agree is less releveant than the question of whether you should be doing it at all. It is easy to comply without affecting bounce-rate: don't do anything that needs consent before your users access your content.

And what about if a user doesn't give consent, do they bounce back to SERPs?

And what about if a user doesn't give consent, do they bounce back to SERPs?

Since the advent of "tabbed browsers", they may just close the tab..in which case who knows what they do ?
they may have had 10 tabs open and they close yours and move to another, which itself may ( or may not ) have a compliant (or not ) GDPR notice, or the site in that tab may be compliant , thus have no notice ( it doesn't need one ) etc ..
The only ones you can be sure about are those who hit the back button..and not even then..

A more accurate question might be " If your site requires, and uses a fully compliant GDPR notice, has the number of people staying "on site" changed since you placed it" ..

the question of how you get them to agree is less relevant

Have to disagree with that, sites which are tricking people into agreeing by using "fake" non compliant GDPR notices is highly relevant..that is "bait and switch"..GDPR ws e set up precisely to try to make sites more honest about what they were doing, not to give them yet another opportunity to be dishonest about what they are doing, previous to GDPR it was "by omission", now some ( many ) are actively lying..not just about whether they ( or their 3rd party ad networks ) are gathering data ( dropping cookies ), but also about their GDPR "consent " notices..inferring or even stating that the site and the notice are GDPR compliant.
That is is illegal..and immoral..

@Leosghost

I think we're on generally on the same page, and by "get them to agree" I did not mean "trick them": clearly anyone who has been tricked hasn't freely given explicit informed consent, which is what GDPR requires. I was talking about method (banners, pop-ups, or whatever else), and I still hold that this is less relevant than whether you do it (process personally identifiable user data on access) at all.

I don't know about other locations, but in the UK the ICO is clear and definitive. Anyone deliberating about consent should read the page I linked above. As a user, non-compliant pop-ups cause 100% bounce-rate, as do (e.g. Facebook) default opt-ins that are a precondition of the service.

@Wilburforce

I think we're on generally on the same page

Ah yes..thanks for the clarification, in the light of which..Indeed we are generally on the same page :)
Yes ..I too recommend webmasters to read the page that you linked to above..