Cookie banners on websites have become a common sight for internet users. However, the legal situation regarding their design and use is unclear. The European Data Protection Board (EDPB) recently issued a report on the use of non-essential cookies. The report has created a disagreement among the data protection authorities of the European Union regarding specific requirements for the use of such cookies.
According to the Federal Commissioner for Data Protection and Freedom of Information (BfDI) Ulrich Kelber, a well-made and fair website does not need a cookie banner because it only uses technically necessary cookies. If website operators want to collect personal data, then they need to ensure that they do not seek consent through unfair or illegal means.
The background to Kelber’s press release is the resolution of the EDPB on the report of the “Task Force Cookie-Banner.” Tobias Haar, a lawyer specializing in IT law at Vogel & Partner in Karlsruhe, believes that the lack of agreement among European privacy advocates on detailed issues is causing the dispute.
One of the disputed issues is whether cookie banners must have a “reject all” button. Some regulators do not see this as mandatory, referring to Article 5(3) of the 2002 E-Privacy Directive, which does not require it.
The digital subscription for IT and technology offers exclusive tests, guides, and background information to help readers stay up-to-date with the latest regulations in law, consumer, and data protection. The subscription includes c’t, iX, MIT Technology Review, Mac & i, and Make magazines. With a monthly fee of just €9.95, subscribers can enjoy all the benefits of this comprehensive subscription.