How Cookie Walls Violate GDPR According to the DPA

Published in Member Communities on May 07, 2019

Did you know that you may be in violation of GDPR? According to the DPA (Dutch Data Protection Authority), cookie walls are in violation of GDPR. Compliance can be tricky, but staying on top of the latest information will help keep your organization operating at the highest level of security. Here’s what you need to know about GDPR violations from the security experts at VGM Technologies.

The Importance of GDPR Compliance

General Data Protection Regulation (GDPR) came into effect as of 2018 in the European Union. It mandates that personal data be stored, processed, collected and destroyed safely. Personal data is defined by GDPR as anything that can identify a person. This could be anything as basic as a screen name on social media.

It’s important for organizations outside of the US to be GDPR compliant, because as many have realized, technology is global. US-based companies can still be held liable to GDPR if they handle personal data of a person living in the EU. The financial penalties are severe for noncompliance and this is why it’s important to make sure you are adhering to GDPR regulations. Our cybersecurity vendor partner, ProCircular recently released a very informative article about Regulatory Trends in Privacy and Cybersecurity in 2019. Take a look at their article to get a big picture look of how GDPR fits into privacy and cybersecurity.

What is a cookie wall?

It’s not as great or delicious as it sounds. A cookie wall is when a website requires users to agree to cookie tracking before they can use the website. If you’ve gone onto an advanced website lately, you have probably seen a pop up immediately show on the home page. It asks to accept the use of cookies before allowing you to interact with the site. It seeks to track user behavior on the site so ads can be retargeted to them based on browsing habits.

The DPA’s Stance on Cookie Walls

The DPA has made a firm stance that a cookie wall is not compliant, because it almost always requires a user to select “yes” before continuing using the website. This denies the site visitor to utilize the website without allowing their information to be tracked. The European Data Protection Board states, “In order for consent to be freely given as required by the GDPR, access to services and functionalities must not be made conditional.” However, the DPA says that some cookie pop-ups are less intrusive and do not break GDPR. For example, if a website needs to access cookies in order to provide a service directly asked for by the user or to carry out information, it is allowable.

Additionally, once this information is gathered, companies need to be held accountable for securing the information they collect. As of now, the DPA’s stance is only a statement and not an official ruling. However, we are fairly certain that it will be.

Stay ahead of the GDPR curve. Talk to us about Website Protection to make sure your site is secure and GDPR compliant.


comments powered by Disqus

From Our Experts

NCART: House Circulates Sign-On Letter for CRT Manual Wheelchair Accessories thumbnail NCART: House Circulates Sign-On Letter for CRT Manual Wheelchair Accessories NCART recently announced some good news from our Congressional champions. As we prepare for National CRT Awareness Week, Representatives John Larson (D-CT) and Lee Zeldin (R-NY) are circulating a bipartisan letter to CMS for additional signatures to ensure people with disabilities who use Complex Rehab Technology (CRT) manual wheelchairs have the same access as those using CRT power wheelchairs. We need you to get your Representative to sign on! HME News: Accessories: Time to Follow Up, Stakeholders Say thumbnail HME News: Accessories: Time to Follow Up, Stakeholders Say Complex rehab stakeholders are working with their champions in Congress to craft a letter asking CMS to permanently change its payment policy on accessories for complex rehab manual wheelchairs, according to a recent article from HME News. HME News Business Summit 2020 thumbnail HME News Business Summit 2020 Join us as we talk with Liz Beaulieu, Editor of HME News, about the upcoming virtual HME News Business Summit. DMEPOS Warriors: Brooke Strachan, Owner of The Boob Shop thumbnail DMEPOS Warriors: Brooke Strachan, Owner of The Boob Shop When hard times come, it's not always easy to think on the bright side. For Brooke Strachan, finding the positives in any situation is her philosophy, and this state of mind is what led to her owning her own business. More Details on Medicare Audits Beginning August 3 thumbnail More Details on Medicare Audits Beginning August 3 In recent meetings with CMS, The van Halem Group has learned that while the date to begin medical review functions is August 3rd, there will likely be a delayed time frame before audit requests officially go out. CMS is currently working to develop instructions for contractors and intends to take a "toe in the water” approach, as opposed to opening up a flood gate of audits. HME News: Challenging Fall Awaits Complex Rehab Providers thumbnail HME News: Challenging Fall Awaits Complex Rehab Providers Don Clayback, executive director of NCART, stated that complex rehab providers could see a downturn in revenues in late summer, early fall. 2020 HME Woman of the Year Nominations Open Through August 14 thumbnail 2020 HME Woman of the Year Nominations Open Through August 14 Now in its fifth year, the award, sponsored by VGM, recognizes one woman in the industry who has made increasingly significant contributions throughout her career to her company, community, and the home medical equipment industry. VGM's Mike Mallaro on How to Get to the Other Side thumbnail VGM's Mike Mallaro on How to Get to the Other Side The COVID-19 pandemic has broken the mold for how the HME industry has always done business, but that can create opportunity—if providers are open to it, says VGM CEO Mike Mallaro.