AP (The Netherlands) - 10.12.2019: Difference between revisions
No edit summary |
m (Ar moved page AP - Consent to place cookies to AP (The Netherlands) - 10.12.2019) |
Latest revision as of 17:12, 12 December 2023
AP (The Netherlands) - | |
---|---|
Authority: | AP (The Netherlands) |
Jurisdiction: | Netherlands |
Relevant Law: | Article 4(11) GDPR Article 6(1)(a) GDPR Article 7 GDPR |
Type: | Investigation |
Outcome: | Violation Found |
Started: | |
Decided: | |
Published: | 10.12.2019 |
Fine: | None |
Parties: | 157 companies investigated |
National Case Number/Name: | |
European Case Law Identifier: | n/a |
Appeal: | n/a |
Original Language(s): | Dutch |
Original Source: | AP (in NL) |
Initial Contributor: | n/a |
The AP found that almost 87 websites out of 175 investigated are not compliant with the consent requirements under Article 6(1)(a) GDPR when placing cookies.
English Summary
Facts and questions arising
Following its investigation of 175 websites, including municipalities and media, the AP found that almost half of them did not comply with the consent requirement for cookie placements under the ePrivacy Directive and Article 6(1)(a) GDPR.
Holding
In its decision, the AP stressed that practices such as pre-ticked boxes, user’s silence, inactivity or scrolling down or variations of banners such as "if you continue on this website you agree on cookies" do not constitute consent. Cookie walls are also not allowed under the GDPR. Therefore, the DPA ordered the websites to change their policies in accordance with GDPR and noted that it is planning to investigate the lawful use of cookies.
Comment
Share your comments here!
Further Resources
Share blogs or news articles here!
English Machine Translation of the press release
The press release below is a machine translation of the original. Please refer to the Dutch original for more details.
AP: many websites incorrectly request permission for placing tracking cookies News item/10 December 2019 Category: Cookies The Personal Data Authority (Autoriteit Persoonsgegevens, AP) has checked approximately 175 websites of webshops, municipalities and media, among others, whether they comply with the requirements for placing tracking cookies. Almost half of the websites that use tracking cookies do not meet the consent requirements. Virtually all of the webshops checked do not meet these requirements. The organisations behind these websites have received a letter from the AP calling on them to adjust their working methods if necessary. In the short term, the AP will start an investigation into whether cookies are being used lawfully. Ticked in advance may not Tracking cookies are data about people's internet behaviour. With this data, organisations can track internet behaviour over time. Targeted advertisements can also be sent. Therefore, the website visitor must give permission to place and consult tracking cookies with an unambiguous and active action. A ticked 'yes' box when the user is asked for permission is therefore not allowed. Also silence, inactivity or scrolling down or variations on 'you agree if you continue on this website' are not allowed. Two of the most common examples that do not meet the requirements of consent: Judgment of the European Court of Justice On 1 October 2019, the European Court of Justice ruled that the user's consent for placing and consulting tracking cookies on his equipment is not legally valid if a standard checkbox is used for this purpose. Also, refusing access with cookie wall may not During the audit, a number of websites with cookie walls were also found. Earlier this year, the Personal Data Protection Authority published a standard explanation that cookie walls are not allowed under the General Data Protection Regulation (AVG). Cookiewalls (cookie walls) do not allow websites, apps or other services to obtain valid permission from their visitors or users. These websites are included in an ongoing investigation into cookie walls. Websites that only give visitors access to their site if they agree to the placement of tracking cookies or other similar ways of tracking and recording behaviour by means of software or other digital methods, do not comply with the AVG. About cookies Cookies are small files that the provider of a website places on a visitor's equipment. For example on a computer, phone or tablet. Cookies can be used to collect or store information about the website visit or about (the device of) the user. With these cookies, organizations can follow people's internet behaviour over time. Tracking cookies make it possible to create profiles of people (profiling) and treat them specifically on the basis of those profiles. Tracking cookies are usually used to process personal data. If companies want to track people with tracking cookies, they must first request permission in a legally valid manner. More information about cookies.