How Cookie Walls Violate GDPR According to the DPA

Published in Member Communities on May 07, 2019

Did you know that you may be in violation of GDPR? According to the DPA (Dutch Data Protection Authority), cookie walls are in violation of GDPR. Compliance can be tricky, but staying on top of the latest information will help keep your organization operating at the highest level of security. Here’s what you need to know about GDPR violations from the security experts at VGM Technologies.

The Importance of GDPR Compliance

General Data Protection Regulation (GDPR) came into effect as of 2018 in the European Union. It mandates that personal data be stored, processed, collected and destroyed safely. Personal data is defined by GDPR as anything that can identify a person. This could be anything as basic as a screen name on social media.

It’s important for organizations outside of the US to be GDPR compliant, because as many have realized, technology is global. US-based companies can still be held liable to GDPR if they handle personal data of a person living in the EU. The financial penalties are severe for noncompliance and this is why it’s important to make sure you are adhering to GDPR regulations. Our cybersecurity vendor partner, ProCircular recently released a very informative article about Regulatory Trends in Privacy and Cybersecurity in 2019. Take a look at their article to get a big picture look of how GDPR fits into privacy and cybersecurity.

What is a cookie wall?

It’s not as great or delicious as it sounds. A cookie wall is when a website requires users to agree to cookie tracking before they can use the website. If you’ve gone onto an advanced website lately, you have probably seen a pop up immediately show on the home page. It asks to accept the use of cookies before allowing you to interact with the site. It seeks to track user behavior on the site so ads can be retargeted to them based on browsing habits.

The DPA’s Stance on Cookie Walls

The DPA has made a firm stance that a cookie wall is not compliant, because it almost always requires a user to select “yes” before continuing using the website. This denies the site visitor to utilize the website without allowing their information to be tracked. The European Data Protection Board states, “In order for consent to be freely given as required by the GDPR, access to services and functionalities must not be made conditional.” However, the DPA says that some cookie pop-ups are less intrusive and do not break GDPR. For example, if a website needs to access cookies in order to provide a service directly asked for by the user or to carry out information, it is allowable.

Additionally, once this information is gathered, companies need to be held accountable for securing the information they collect. As of now, the DPA’s stance is only a statement and not an official ruling. However, we are fairly certain that it will be.

Stay ahead of the GDPR curve. Talk to us about Website Protection to make sure your site is secure and GDPR compliant.


comments powered by Disqus

From Our Experts

VGM Calls for Heartland Conference Speakers thumbnail VGM Calls for Heartland Conference Speakers VGM is now accepting proposals from prospective speakers for its annual Heartland Conference. SoClean Launches Device to Disinfect Phones, Keys, Household Items thumbnail SoClean Launches Device to Disinfect Phones, Keys, Household Items SoClean recently launched Device Disinfector, which allows for multiple small household items to be disinfected in 10 minutes. Using activated oxygen, it kills up to 99.9% of bacteria and viruses. 6 Ways to Make CPAP Repair Less Painful thumbnail 6 Ways to Make CPAP Repair Less Painful In this episode, we visit with Ronda Buhrmester, Sr. Director of Payer Relations & Reimbursement for VGM & Associates, and Dan Meyer, Chief Revenue Officer for Repair Authority, about providers' most pressing questions about CPAP repair and how Repair Authority has the solutions providers are looking for. Jurisdictions B and C: Claim Payment Alert 151 MUE Incorrect Processing thumbnail Jurisdictions B and C: Claim Payment Alert 151 MUE Incorrect Processing CGS Administrators recently sent out a news alert for Jurisdictions B and C. They aware of a claim payment issue in which some claims may have applied Medically Unlikely Edit (MUE) values incorrectly on the dates September 23, 2020 and September 24, 2020 only. Claims may have paid or denied in error as a result. CGS is correcting this issue and has indicated that it is a number 1 priority with them.  For more information, watch Ronda's vlog. HME - Past, Present & Future:  State of the Industry/Benchmarking Update thumbnail HME - Past, Present & Future: State of the Industry/Benchmarking Update I was honored to recently present at the 2020 HME News Business Summit, which was held Sept. 15-17, and, due to COVID-19, in a first-time “virtual” format. My session included a series of data, trends and analysis as to the state of the industry from 2010 to the present, and included financial and operational highlights from supplier submissions applicable to their 2019 results. Here is a summary of the presentation. Helping Your Employees Rebuild and Find Happiness thumbnail Helping Your Employees Rebuild and Find Happiness Every employee has a different set of circumstances coming at them, especially so far in 2020. While taking care of our employees, we still have businesses to run. To be successful, the best leaders will start with their employees. How do you help your employees to rebuild themselves and also find happiness? DMEPOS Warriors: Michael Tracey with Aspirus At Home Medical Equipment thumbnail DMEPOS Warriors: Michael Tracey with Aspirus At Home Medical Equipment VGM & Associates always enjoys highlighting our members who are a shining example of excellence in DME. The current business environment can be difficult to navigate and generating revenue can sometimes be a challenge. However, Michael Tracey shares with us how he helped lead Aspirus At Home Medical Equipment to success and provides tips for how Aspirus generates revenue. 10 Ways to Keep Your Employees Engaged During a Pandemic thumbnail 10 Ways to Keep Your Employees Engaged During a Pandemic In this episode, we sit down with Arienne Martinez, director of training and development for HOMELINK, a division of the VGM Group. Arienne chats with us about her recent article that was featured in the latest VGM playbook, “Protecting Your Most Important Asset: Your People,” about keeping your employees engaged during the pandemic, especially with much of the workforce working remote.