Setting clear boundaries
From the beginning, tarteaucitron has been built on explicit choices. Some are technical, others relate to the project’s positioning. These limits are not shortcomings, but safeguards.
I prefer to clearly state what tarteaucitron will never do, rather than letting people assume it could cover everything.
A simple economic model
tarteaucitron will never be priced per website. The current model is straightforward: unlimited sites, unlimited traffic. This approach works well and aligns with the spirit of the project.
If the load ever became unsustainable, traffic-based pricing could be considered. Pricing per site, however, makes little sense in this context.
Refusing imposed rules
tarteaucitron will not comply with third-party rules dictating how banners should be structured or how texts should be written. This is particularly true for frameworks like the TCF, which impose specific layouts and terminology.
The only exception is accessibility. Standards such as RGAA make sense and are fully embraced. Likewise, the open-source community has always had, and will always have, its place through GitHub.
Deliberately refused requests
Some users ask to exclude services such as reCAPTCHA or YouTube from consent handling. Technically, this is possible, and I explain how to do it.
However, I always make it clear that this results in non-compliance. reCAPTCHA, for instance, is a Google service, and its terms require consent. tarteaucitron will never bypass such constraints.
The choice not to be certified
Not being Google-certified is a deliberate political choice. I find it problematic that Google certifies CMPs while remaining both judge and party, especially when tools compatible with consent mode are dismissed for lacking certification.
This creates a closed ecosystem between CMPs, advertising actors, and analytics tools. This is not a model I want to support.
Independence and responsibility
tarteaucitron will always remain open source under the MIT license. Its development will never be dictated by an external actor seeking to benefit from it.
This does not prevent supporting certain standards, such as consent mode v2, when they make sense. But these decisions must remain those of the community or mine.
Deliberately limiting complexity
tarteaucitron will not become a tool relying on numerous third-party libraries. Every dependency introduces unnecessary points of failure.
Simple tasks like color conversion or DOM manipulation can be handled in native JavaScript. Adding dependencies for such purposes makes no sense.
A clear and assumed framework
tarteaucitron is a tool. It is possible to be compliant using tarteaucitron, but only if it is properly installed and understood. It never replaces a DPO or a broader compliance analysis.
These limits help keep the project readable, maintainable, and useful. They are also what ensure its long-term stability 🙂
