Important New Cookies Guidance Released

The Article 29 Working Party has today issued new guidance (PDF) on the requirements for websites to be compliant with the cookie law.

The EU’s main advisory body on privacy and data protection is made up of the regulators from each member state, so its opinions, whilst not legally enforceable, carry significant weight in terms of how the law should be interpreted.

The body has been looking at the various cookie consent solutions that have been used, so this new guidance is really focussed on the practical aspects of compliance.

The main takeaway from this new guidance is that the ‘information only’ cookie notices that have been most widely adopted, particularly in the UK, are regarded as  insufficient for obtaining valid consent.

On the issue of browser settings as a mechanism for indicating consent, whilst it does uphold the view that this is possible, in referring also to an earlier opinion on this issue (buried in a document on behavioural advertising), it indicates that this is only likely to be valid where the default browser settings are ‘privacy first’, and a user has actively changed these to be more permissive.

As we have noted before, at the moment no mainstream browsers, not even those blocking third party cookies by default, are sufficiently privacy oriented to satisfy this requirement.

In essence this guidance document is making the case that in almost all circumstances, website visitors should be given choice to accept or refuse the placing of cookies, and that this choice should remain available to them in future visits, so they can change their mind.

This of course is the compliance model that Optanon has been providing all along. Nevertheless we shall be reviewing the detail of this document to look at how we prioritise further product enhancements to make Optanon an ever better fit to the compliance requirements of the cookie laws.