EU - Pre-ticked "cookie" consent: Advocate General says no

In a non-binding opinion issued on 21 March 2019, Advocate General Maciej Szpunar of the Court of Justice of the European Union (CJEU) concluded that pre-ticked check boxes did not constitute valid consent to the use of cookies. This matter involved the online practices of a German lottery organiser, which had a preticked online cookies consent checkbox, so participants had to uncheck the box if they did not wish to consent to the use of cookies.

Under the ePrivacy Directive, websites are required to obtain visitor consent to cookies (except cookies which are necessary for the service), and to provide visitors with clear and comprehensive information about cookies. In this case, both Regulation (EU) 2016/679 (GDPR) as well as Directive 95/46/EC (Data Protection Directive) were relevant. The Advocate General confirmed his view that the requirements for consent are the same under the Data Protection Directive and the GDPR.

In applying these requirements, the Advocate General explained as follows: "requiring a user to positively untick a box and therefore become active if he does not consent to the installation of cookies does not satisfy the criterion of active consent" under the Data Protection Directive and now enshrined in the GDPR, taking into account the definition of "consent" and the statement in recital 32 that 'consent should be given by a clear affirmative act'.

On the second question referred by the CJEU, the Advocate General found that that the clear and comprehensive information that must be provided to a website visitor under the ePrivacy Directive includes (among other things): (a) the duration of the cookies; and (b) third party access to cookies. This will be of interest to websites which do not currently set out cookie duration in their cookies policy.

This matter was referred to the CJEU by the German Federal Court of Justice to clarify how EU data protection law on cookies and consent should be interpreted. We now await the ruling of the CJEU, which is expected to issue its judgment in the coming months. The non-binding opinion of the Advocate General is available in English here.

Content is provided for educational and informational purposes only and is not intended and should not be construed as legal advice. This may qualify as "Attorney Advertising" requiring notice in some jurisdictions. Prior results do not guarantee similar outcomes. For more information, please visit: www.bakermckenzie.com/en/client-resource-disclaimer.

Register now for your free, tailored, daily legal newsfeed service.

EU - Pre-ticked "cookie" consent: Advocate General says no

Filed under

Topics

Laws

Organisations

Popular articles from this firm

144A vs REG S Only- considerations in high yield offerings *

Singapore: Beauty salon provides undertaking to consumer watchdog to cease unfair trade practices *

The EU Pharmaceutical Package From a National Perspective: Member States’ First Reactions *

Switzerland: Flexibilization in the area of social security for cross-border remote work *

Related practical resources PRO

Related research hubs