The European Union has tightened the rules for cookies collection consent

The essence of the next update of the GDPR guidelines is: you can no longer collect cookies using the “old method”. What is the matter?

The GDPR panic ended within a month of the adoption of the law. Nevertheless, by the beginning of 2020, European companies and website owners were fined 114 million euros. At the same time, the number of law violations continues to grow. Regarding that, the European Data Protection Council (EDPB) has updated guidelines for cookies usage Let’s figure out what is the essence of new explanations.

1. Prohibited to notify about the use of cookies without the possibility to refuse their collection

The practice of “tacit consent”, which was actively used by websites, is no more satisfactory in the case of any law suite. Oops, it’s time to inform guys from Spotify about this.

2. Scrolling, swiping and other interactions with a website do not constitute consent

Therefore, any data collection from users who have not agreed to the use of cookies is strictly prohibited. The regulator emphasizes that any manipulations at the level of interaction, in any case, will be perceived as an offense of EDPB principles.

3.You can not prohibit access to the content to those who didn’t agree with the website’s Cookie Policy

No one can force the user to consent against its will. Access should be provided equally to all participants. The exceptions are cases when the functionality cannot be implemented without collecting data through cookies.

Why is this important?

By the beginning of the year, about 160,000 coolies policy violations were registered in the EU. In the year 2019, the trend of penalty number only grew, Add up to +12.6%, compared to the indicators of 2018, when the law has come into force. If your business interacts with users from the EU, you must comply with the EDPB requirements. At the moment, most part of the burden of the fines falls on the most progressive EU member states, like Great Britain, Netherlands, Germany, France, and Austria. The record holders for fines are still large networks and enterprises. But there is also a noticeable trend towards reducing the “threshold” for entering the “penalty club”. The situation is especially typical for the Netherlands. In this country, the number of notifications of violations is 147.2 per 100,000 of NL citizens.