Website Breaking The Cookie Regulations
The regulations regarding Cookies is not something new, but until the RGPD (General Data Protection Regulation), it had not been defined so clearly and explicitly. Until that moment there were certain practices that were at least doubtful.
Consent In The Cookie Regulations
The first and foremost thing is to define what consent is and what it is not. Article 4 (11) of the RGPD defines it as: “any manifestation of free, specific, informed and unequivocal will by which the interested party accepts, either by means of a declaration or a clear affirmative action, the processing of personal data that concerns him” .
The fact is that there are cases in which web pages or Apps do not use valid forms of consent, either because there is no real choice, because you are forced to consent or because you suffer negative consequences if you do not. This is the case of those pages that require certain permissions on the mobile to download an application that does not really need them for its use (I would not be well informed). Also, the acceptance in exchange for accessing content, through the so-called cookie wall, which prevents viewing the content if it is not accepted (it would not be free).
Finally, scrolling (scrolling down the page) or simply continuing to browse are not forms of consent (because they are not a clear affirmative action).
To combat these bad practices, the Guide defines very well what Transparency is and also how consent should be Obtained
- What they are and what they are for.
- The types of cookies there are.
- Who will use them and for what.
- The way to accept, deny or revoke consent.
- If they are going to be transferred to third parties.
- If profiles are to be obtained in an automated way.
- The period of conservation of the data.
The information must be concise, transparent and intelligible. Therefore, it must be understandable to the average member of the target audience. The information must also be easily accessible, through a prominent link, the information must be present in the logical place where it is searched and permanently.
As we have already said, consent is a clear affirmative action. Therefore, the consent information must appear separate from other matters and the user must be able to refuse to give it, or revoke it later. Withdrawal of consent must be easy to do. It must also be clear to whom or to whom consent is given (if there are third parties in addition to the editor of the website).
There are different forms of consent and all are valid, if it is informed in a clear and transparent way of how to give it:
- When registering for a service.
- When configuring the web page or application.
- Through consent management platforms.
- Before downloading a service or application.
- Through the layered information format.
- Through the browser settings.
Regarding cookies, as we have already said, the tacit consent (the text indicates “If you continue browsing you accept these conditions”) or the cookie walls (browsing is prevented if consent is not given) are not valid. The cookie walls would only be valid if an alternative is given to access the content that implies the user’s freedom to do so (even if it is prior payment, because the content is under subscription).
Update Of Consent And Third Party Policy
A simple glance at the websites of the companies reveals that many still opt for tacit consent, or use tactics to obtain consent in a way that is not free for the user (for example, in exchange for being able to see the contents). It is essential to update the websites before the end of the transitional period (10/31/2020) because this could be the last notice from the regulatory entities.
Also Read : Best Apps To Edit Photos