cookie walls

On June 19, 2020, the French Council of State (Conseil d’État) decided that the French Supervisory Authority (“CNIL”) had gone too far in its guidance on cookies and similar technologies when it stated that conditioning a user’s access to a website upon his or her acceptance of certain cookies (commonly known as “cookie walls”) is never compliant with the consent requirements in the EU General Data Protection Regulation (“GDPR”).

According to the Council of State, such a blanket prohibition cannot be deduced from the text of the GDPR. The Council of State reminded the CNIL that its guidance is only soft law and therefore must follow the text of the GDPR. The CNIL has announced that it will adapt its guidance in light of the Council of State’s decision. The decision serves as a stark reminder that even EDPB or CNIL guidance is can only interpret the text of the GDPR, and cannot break fresh legal ground.
Continue Reading French Council of State Decides that the French Supervisory Authority Cannot Prohibit Cookie Walls

On March 7, 2019, the Dutch Supervisory Authority for data protection issued guidance prohibiting the use of “cookie walls” on websites.  Cookie walls require website users to consent to the placing of tracking cookies or similar technologies before allowing them access to the website.  According to the regulator, it received
Continue Reading Dutch Supervisory Authority Prohibits “Cookie Walls” under GDPR