Tracking Cookies - Currently still illegal!
Cookie Banner:
• The banners show an overview of all processing operations requiring consent, which can be explained and activated in function.
• Access to privacy and imprint may not be prevented by cookie banners.
• Before and while the banner is being displayed all further scripts from a website or web app are blocked if they can potentially capture user data. Only after approval, the data processing may actually take place.
• Without the option to refuse cookies it lacks the required voluntariness.
• A consent must be revocable as simple as possible.
As of late Cookie banners have been appearing almost everywhere. For most of the time they cover the content when visiting a website and require an "accept" or "ok". This could be seen as a direct implication of the General Data Protection Regulation which was released at the end of May 2018. Accordingly, this task should first have been taken over by the European E-Privacy Regulation, which still does not exist. Thus, shortly before the entry into force of the GDPR, a position paper was published which required explicit consent of users regarding site tracking mechanisms. Through creating a user profile these mechanisms are able to track the behavior of people on the internet. According to the position paper the informed consent must "be obtained in the form of a statement or other clearly confirming act before the data processing"1. From the beginning this special route of consent solution was very controversial.
By examining 40 websites of larger providers in early 2019, the Bavarian data protection authority found out that not one provider meets all the strict requirements. Many of the currently displayed banners are clearly unlawful. Especially the missing option of rejecting cookie usage is a common problem. In addition, operators must present the processing of data to users in a transparent and comprehensible manner. In addition to a listing of the individual forms of processing, the function of a specific consent to individual forms of data processing is often absent. Only then will it be possible for users to make decisions with the complete knowledge of the specific situation and to understand the scope of the consent. It has to be acknowledged that in specific cases, the interest of the website provider has to be weighted with the interest and the fundamental rights and freedoms of the individual user. Even after a year, there is still much legal uncertainty in this area.
Tag-Filter
28.01.2021 - Choosing your own cloud - GDPR-compliant and without compromises [more...]
30.11.2020 - OnlyOffice - Working without Microsoft and Google [more...]
02.11.2020 - Digital policy and state trojans [more...]
30.09.2020 - Online events – more than a room [more...]
28.08.2020 - Consent-free tracking with Matomo as an alternative to Google Analytics [more...]
22.07.2020 - Privacy Shield Judgement - Privacy vs mass surveillance [more...]
17.06.2020 - Data protection-compliant work from home: decentralized and open source [more...]
26.05.2020 - GDPR-compliant e-learning with BigBlueButton, Moodle and Nextcloud - data protection begins with the little ones [more...]
24.04.2020 - [more...]
20.04.2020 - Home office tools: not everything that glitters is gold ... [more...]