Cookies are essentially small memory files that personalize your browsing experience on a particular website. These files can help you access the secure areas of the site or allow webshops to hold your items in the cart etc. Certain cookies also specialize in the collection of behavioural data for targeted advertisements etc. These cookies pose many privacy concerns to the users and thus, the recent EU ruling aims to overcome it.
Pre-checked Consent Boxes Aren’t Valid Under EU Laws
In late 2019, the European Court of Justice gave powers to internet users for active consent over the usage of Web identifiers like Cookies. It is a modification over the 2002 EU Cookie Law that ensured user consent over Cookies. But the lenient interpretation of the 2002 law made it difficult for the user to access the privacy policy. They would invariably agree without having active control over its consequences.
What Does It Imply On Your Website Design?
The websites owned by EU firms or targeted at EU audience must actively ensure the following as soon as the user logs-in to their website:
- - Actively receive users’ consent over cookies usage.
- - Allow users to access the website even if they refuse to cookies usage policy.
- - Have a transparent mechanism for users to withdraw their consent over cookies usage.
- - No pre-ticked boxes and users’ are required manually select the type of cookies they want to store.
The below image shows an example of how your Cookie Usage Declaration is expected to look; giving maximum control to the User.
Bulldog Design ensures full-compliance of your website design subjected to the EU privacy laws. Let us know your thoughts. Ask our team to guide you through more web solutions for your business.
A Brief Timeline
EU Cookie Law of 2002 was a law ahead of its time to ensure fair usage & storage of user data by the company over the internet.
But a decade later, the 2013 case of Planet49 involved a German consumer organization alleging illegal consequences of pre-ticked usage of third-party cookies for targeted advertising. They argued that the authorization did not involve explicit consent from the user.
Now with the passage of General Data Protection Regulation (GDPR) in 2018 - the most comprehensive law related to user data privacy, the companies are under a legal obligation to inform users about how their personal information is gathered. Reading the recent judgment and GDPR together, the service providers will also have to inform their users how long the cookies would operate and whether third parties would have access to gathered data.