Blog

Connecting the dots on: cookie consent

Sourcepoint
November 10, 2021

Activity around cookie consent has been steadily ramping throughout Europe, with DPAs and privacy activists scrutinizing the effectiveness of consent in protecting user privacy.

From dark patterns in cookie banners to depositing non-essential third-party tracking cookies on users’ computers without consent, cookie behavior is the target of recent regulatory guidance, enforcement, and ecosystem activity.

Download our timeline to get an overview of the last six months of cookie consent activity.

TIMELINE

May 2021: Noyb announces GDPR “draft” complaints focused on dark patterns in cookie banners (noyb)

June 2021: Google makes commitments to the UK’s ICO and CMA and delays deprecation of third-party cookies (AdExchanger)

July 2021: The California Attorney General backs Global Privacy Control (Digiday)

July 2021: A German DPA cracks down on improper consent practices: “Consents on websites of media companies are mostly ineffective”  (LDI)

July – Aug 2021: Amazon faces major GDPR fine for lack of proper consent, exposing cracks the the consistency of how regulations are applied (Bloomberg)

July 2021: Italian DPA issues cookie guidelines. (Garante)

July 2021:  CNIL issues formal notices to 40 organizations for failure to allow users to refuse cookies as easily as accepting them (CNIL)

HIGH-PROFILE COOKIE CONSENT ENFORCEMENT 

29 July 2021: CNIL fines Le Figaro for dropping cookies before consent: their first such action against a publisher (CNIL)

Aug 2021: Noyb files the approx. 400 GDPR complaints against entities who didn’t correct their practices to their satisfaction (noyb)

Aug 2021: Malta issues cookie guidelines (IDPC)

2 Sept 2021: Irish DPC levies €225 million fine against WhatsApp for only relying on terms & conditions for consent (IAPP)

THE ECOSYSTEM REFLECTS ON THE STATE OF CONSUMER PRIVACY EXPERIENCE

6 Sept 2021: UK’s ICO urges G7 counterparts to engage in cookie banner reform, including the idea of “meaningful” consent (ICO)

23 Sept 2021: Facebook announces they will finally display their own CMP to users on Facebook and Instagram (Adweek)

17 Sept 2021: The Finnish Transport and Communications authority, Traficom, publishes a revised guide to cookie usage (Traficom)

25 Sept 2021: EDPB sets up a task force for European DPAs dedicated to harmonizing consent banners for the deposit of cookies. The task force will also be responsible for coordinating responses to the 422 complaints lodged in August by Noyb (EDPB)


As data controllers, publishers are realizing that they aren’t only responsible for their own behavior, but also the actions of their partners and third-party vendors on their channels. More than ever, publishers will be required to invest in resources to monitor their properties for illegal behavior and downstream risk.

Want to learn about how Sourcepoint can provide privacy protection for your organization? Discover DIAGNOSE, our compliance monitoring tool. Schedule a demo today.

Latest Blog Posts

Week of November 22, 2021

November 30, 2021

Belgian DPA finalizes draft IAB decision for DPA feedback....

FAQ: Updates on the Belgian DPA’s investigation of the IAB’s TCF

November 30, 2021

An investigation by the inspection service of the Belgian...

Week of November 15, 2021

November 22, 2021

Bedoya testifies in FTC nomination hearing, plus federal online...

Latest White Papers

Ebook: A Publisher’s Guide to Vendor List Curation

August 16, 2021

How to review your vendor list to mitigate compliance...

Keep in touch

Sign up for our newsletter to keep up with the latest privacy and media news.

Let's explore what we can do together.

We’ll be in touch within 48 hours

    First name *

    Last name *

    Email address *

    Company *

    Message *

    * indicates required fields