European publishers are calling the EU Digital Omnibus a “cosmetic fix” that makes their position worse. They’re right—and WordPress store owners should pay attention. The same competitive dynamics that hurt publishers will affect every open web business competing against Big Tech platforms.
Here’s the uncomfortable truth: Big Tech platforms remain advantaged because they own the largest first-party data sets and have the strongest AI capabilities (Digiday, 2025). Google, Meta, and Apple don’t need your cookie consent when you’re logged into Gmail, Facebook, or iCloud. They already have permission. You’re competing against businesses that play by different rules.
The Walled Garden Advantage
Digital Omnibus introduces two mechanisms that sound privacy-friendly but devastate open web businesses:
One-click reject: Cookie banners must offer equally prominent “reject all” and “accept all” buttons. One-click reject requirement almost guarantees lower consent rates for publishers (News Media Europe, 2025). When rejection is as easy as acceptance, more people reject.
Browser signals: Users can set privacy preferences once in Chrome, Safari, or Edge, and every website must honor them. Publishers could lose power if browser and OS settings become main way users control privacy—repeating the dynamic seen with Apple ATT (Digiday, 2025).
Now consider Google’s position: when you’re signed into Chrome, Google doesn’t need cookie consent for most of what it does. You already agreed to data collection when you created your Google account. Same with Meta when you’re logged into Facebook or Instagram. Same with Apple across their ecosystem.
The walled gardens have high logged-in reach and do not rely on cookie consent for their targeting. That’s not an accident—it’s a structural advantage that every privacy regulation reinforces.
You may be interested in: EU Digital Omnibus 2026: The Cookie Consent Reform That Changes Everything
What Publishers Are Actually Complaining About
The publisher complaints aren’t just whining. They’re seeing a pattern that started with GDPR and accelerates with every new regulation.
Empirical evidence shows GDPR reduced digital services investment in EU and contributed to concentration of user data in big-tech firms (Bruegel/Johnson 2023, cited 2025). Privacy regulation doesn’t hurt Big Tech—it hurts their smaller competitors. The compliance burden falls heaviest on businesses without armies of lawyers and engineers.
Digital Omnibus includes a media exemption from browser signals. Sounds helpful for publishers, right? Except: media exemption from browser signals requires ad tech to decide who qualifies—most won’t risk GDPR liability making the call (News Media Europe/Digiday, 2025). Ad tech platforms won’t classify sites as “media” because misclassification means regulatory exposure. The exemption exists on paper but not in practice.
Thomas Lue Lytzen from Danish publisher Ekstra Bladet summarized the situation to Digiday: the changes “appear to be fairly cosmetic” and “big tech will still have way easier access to data via their closed ecosystems.”
Why WordPress Store Owners Should Care
You might think this is a publisher problem. It’s not. The same dynamics affect every business on the open web—including your WooCommerce store.
Consider your advertising stack:
- Google Ads: You pay Google to show ads. Google uses your conversion data to optimize. When consent rates drop, Google gets less data from your site. Your campaigns perform worse. Google’s core business (search, YouTube, logged-in users) remains unaffected.
- Meta Ads: Same dynamic. You send conversion events to Facebook. Lower consent means fewer events. Your attribution breaks. Meta’s 3 billion logged-in users keep generating data.
- Your analytics: GA4 depends on the same consent mechanisms. Lower consent = bigger data gaps = worse decisions.
You bear the consent burden while advertising platforms harvest the benefits. When your consent rates drop 40%, your data quality drops 40%. When Google’s logged-in users keep consenting at 95%+, their data quality stays high.
You may be interested in: Google Killed Privacy Sandbox After 6 Years of Industry Preparation
The Pattern You Should Recognize
This isn’t the first time Big Tech has benefited from privacy changes they publicly supported.
Apple’s App Tracking Transparency (ATT) in 2021 devastated Facebook advertisers while strengthening Apple’s own advertising business. Google’s repeated delays on third-party cookie deprecation kept competitors guessing while Google built alternatives that worked within their ecosystem. Now Digital Omnibus hands more power to platforms with logged-in users.
The pattern: privacy regulations consistently benefit businesses with first-party data relationships and hurt businesses dependent on third-party consent. Every time regulators “level the playing field,” the field tilts further toward walled gardens.
WordPress store owners sit on the wrong side of this dynamic. You’re on the open web. You depend on consent. You compete against platforms that don’t.
The Strategic Response: Own Your Data
Here’s what Big Tech understands that most WordPress store owners don’t: the businesses that own first-party data win. Not because of any regulatory advantage—because first-party data is simply better.
You can’t change EU regulations. You can’t make Google play fair. But you can build your own first-party data infrastructure.
Every WooCommerce order creates data you own: customer email, purchase history, product preferences, lifetime value. Every form submission, every booking, every page view happens on your server before it goes anywhere else. That data is yours—if you capture it.
The counter-strategy:
- Capture first-party data server-side. Don’t depend on browser-based tracking that consent can block. Collect events at the server level where you have complete visibility.
- Store data in your own warehouse. BigQuery gives you the same infrastructure Google uses, at SMB-friendly pricing. Your customer data belongs in systems you control.
- Maintain advertising connections with consent. You still need Google Ads and Meta. But send conversion data through server-side methods that work with whatever consent you have—don’t lose everything when a browser blocks a script.
Transmute Engine™ implements this architecture for WordPress stores. Server-side event collection captures data regardless of client-side consent. BigQuery integration stores your first-party data in your own warehouse. Platform connections maintain advertising optimization with whatever data consent allows. You get the two-layer approach: first-party visibility you control, advertising optimization that respects consent.
The Two-Layer Reality
Big Tech operates with two layers: vast first-party data from logged-in users, plus whatever consent-based data they can collect from the open web. They don’t depend on the second layer—it’s a bonus.
WordPress stores typically operate with one layer: consent-based tracking that’s about to get much less reliable. When that layer shrinks, they lose visibility entirely.
The stores that compete effectively will have both layers:
- Layer 1: First-party data you own. Server-side collection, your own BigQuery warehouse, complete customer visibility. This layer doesn’t depend on consent and doesn’t shrink when regulations tighten.
- Layer 2: Advertising platform data. Google Ads, Meta, whatever consent allows. This layer will shrink—plan for it.
You’ll never have Google’s scale. But you can have complete visibility into your own customers, your own transactions, your own business. That’s something even Google doesn’t have about your store.
Key Takeaways
- Big Tech wins from Digital Omnibus—logged-in users don’t require the same consent as open web tracking.
- One-click reject guarantees lower consent rates—your advertising data gets worse while platform data stays strong.
- GDPR already concentrated data in big-tech firms—Digital Omnibus continues the pattern.
- The media exemption won’t work in practice—ad tech won’t risk liability classifying sites.
- Your counter-strategy is first-party data—own your customer data the way Big Tech owns theirs.
It depends on your data infrastructure. If you rely entirely on advertising platform data (Google Ads, Meta), you’ll face lower consent rates and less reliable attribution. If you build first-party data collection through your own systems, you can maintain visibility regardless of consent rates for advertising. The stores that win will have both layers.
Publishers depend on consent-based advertising that requires cookie banners. Digital Omnibus introduces one-click reject (making rejection easier) and browser-level opt-outs (letting users refuse all tracking universally). Meanwhile, Big Tech platforms have logged-in users who’ve already consented through account creation. The playing field tilts further toward walled gardens.
Build your own first-party data asset. Every WooCommerce order creates customer data you own. Every form submission, every booking, every page view on your site can flow to your own BigQuery instance. You’ll never have Google’s scale, but you can have complete visibility into your own customers—something even Google doesn’t have about your business.
Yes. Lower consent rates mean Google Ads receives less conversion data from your site. Google’s modeling fills some gaps, but modeled data isn’t as accurate as real data. Stores with first-party data infrastructure can send conversion data through server-side methods that maintain accuracy even as client-side consent rates drop.
Walled gardens (Google, Meta, Apple, Amazon) control login-based ecosystems where users have already consented through account creation. The open web includes independent websites, publishers, and stores that must ask for consent individually. Privacy regulations consistently benefit walled gardens because they don’t rely on the same consent mechanisms.
The competitive dynamics publishers complain about affect every WordPress store owner. You can’t change the rules. You can change how you play. Build first-party data infrastructure now—before consent rates drop further and advertising platforms have even more leverage over your business. Visit seresa.io to see how server-side tracking gives you the data ownership that Big Tech already has.
