Compliant cookie banners mission impossible?

Those pesky cookies… and even worse, those pestiferous cookie banners.  These banners keep popping up, asking for our consent time and again. And they are often in no way compliant with the GDPR, as Nataliia Bielova (Inria) and Cristiana Santos (Utrecht University) point out in this outstanding presentation, both from a legal and in-depth technical point of view. They formulated 22 low level legal/technical requirements to implement consent mechanisms in web applications, compliant with the requirements in GDPR and the ePrivacy Directive (do read their extensive article). In their talk they present a multitude of pitfalls, while indicating difficulties experienced when checking compliance.

Is compliance actually impossible? Bluntly, today it’s a tough challenge, though some pointers are provided regarding (future) solutions. At the very least, this session focuses your attention on many pitfalls, helping your (preferably multidisciplinary) approach to avoid them. As you should, because many GDPR court cases are the result of inadequate consent mechanisms. Do understand that invalid consent results in the interdiction of processing the data involved for the stated purposes, and will result in potentially heavy fines if processing continues.

Cookies are pesky, but the two sessions on cookies combined provide extremely helpful and needed insights in managing them in a compliant way. They’re a ‘must’.

 



Other blog posts

EU Cybersecurity Act: moving forward

One main objective of the European Cyber Security Act is to inform business and consumers about the security of ICT products, processes and services, through certification schemes. This webinar provides solid information about the present status of the Act's implementation.


Share this useful content with friends: