EU privacy advocate goes after non-compliant cookie banners on websites

EU privacy advocate goes after non-compliant cookie banners on websites

Austria-based noyb has launched new complaints over failure to comply with cookie consent rules.

European privacy campaign group noyb released a slew of complaints targeting website operators that, according to noyb, failed to act upon earlier warnings to bring their cookie consent banners into compliance with the EU’s legal standards.

The group, as reported in TechCrunch, says that these sites have failed to comply with laws and regulations such as the General Data Protection Regulation (GDPR). Noyb says the latest batch of 226 complaints were lodged with 18 data protection authorities (DPAs) around the European Union.

Users are victims of “deceptive settings”

The complaints relate to the most widely used cookie banner software, made by OneTrust. It’s not the software itself that’s the issue, noyb says. Rather, the complaints target deceptive settings being applied. In other cases, the complaints centered on site users having no option to deny tracking, a clear breach of the law around consent.

Deceptive cookie pop-ups have had a corrosive impact on the privacy rights of web users in the region, systemically stripping people of their right to protect their information. They’ve also been very damaging to the reputation of EU data protection rules like the GDPR — enabling critics to blame the regulation for spawning a tsunami of annoying cookie banners, despite the fact the law clearly outlaws consent theft via cynical tactics like injecting one-way friction or offering users zero opt-out ‘choice’.

The vast scale of cookie consent violations has posed a major enforcement challenge for the EU’s network of under-resourced data protection authorities. This has prompted noyb to step in with a strategic approach to help clean up the “cookie banner terror” scourge, as noyb calls it.

Tip: European Parliament is found to have broken EU’s own Privacy rules