C+

Privacy Policy Audit

Apple

Tags: devices, privacy-marketing, icloud, app-store, data-minimisation

Word Count: 3,800
Reading Time: 15 min
Human Patience: 2 min
Sneakiness: 5/10

Translation Service

What They Say

Apple's privacy policy is, by the standards of this audit, a document that says what it means. They collect less data than their peers, they explain their collection practices clearly, they distinguish between on-device processing and server-side storage, and they have implemented technical privacy protections like App Tracking Transparency and on-device machine learning that meaningfully limit what third parties can access. Apple's policy explicitly states that they do not build advertising profiles and do not sell personal data to third parties.

What They Mean

Apple genuinely does better than most on privacy, which is why this audit's grade is C+ rather than D or F. However, C+ is not an A. Apple collects your iCloud content (searchable by Apple under certain legal conditions), your Siri requests (stored and reviewed by contractors on an opt-out basis), your App Store behaviour, and your health data if you use Apple Health. More significantly, Apple's App Store is the only legal way to install apps on an iPhone, meaning Apple is the gatekeeper for what privacy protections you can access on the device you paid for. The privacy marketing is excellent. The locked ecosystem it markets within is structurally different from the marketing.

Worst Clause — Exhibit A

"Apple retains personal data for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When personal data is no longer necessary for the purposes for which it was processed, we take steps to have it deleted, aggregated, or de-identified."

Bureau Translation:

"Necessary" and "permitted by law" are doing substantial work here. Apple can retain data as long as any legal requirement allows, and that period can extend considerably for financial records, iCloud content subject to legal holds, and data shared with partners. "De-identified" data is also not the same as deleted data — de-identified datasets can frequently be re-identified given other available datasets, a point that Apple's legal team is aware of.

Evidence Tags — Data Collected

Apple ID and account information
App Store purchase and download history
Siri requests and voice data
iCloud content including photos, messages, and documents
Location data from Maps and Find My
Health data via Apple Health and HealthKit
Apple Pay transaction metadata

Bureau Verdict

"Apple is the best-performing major technology company in this audit, which is the C+ equivalent of being the tallest person in a group where everyone is seated. The privacy marketing is substantially accurate and meaningfully better than the industry norm. The locked ecosystem, iCloud legal access provisions, and Siri data practices prevent a higher grade."

Overall Grade: C+

Genuinely Good (Suspicious)

Dark Patterns Documented

See the full Dark Pattern Encyclopedia for documentation of each technique.

Audited: 2026-03-15