Advocacy Group Lodges 422 GDPR Complaints for Misleading Cookie Banners
Clym has previously reported that European regulators are putting additional efforts and resources behind monitoring website cookie compliance, and it appears that private advocacy groups are looking to assist them with their pursuit. Most recently, the Max Schrems-led advocacy group NOYB has filed 422 GDPR complaints with ten data protection offices against companies using misleading cookie banners. Prior to these filings, the websites were warned that unless they corrected their noncompliance within 60 days, a formal GDPR complaint would be made; those who did not heed the notice may now be at risk of significant GDPR fines and penalties, as well as heightened scrutiny from regulators.
Why did NOYB take this action?
NOYB identified a wide range of problems with the way websites across Europe presented cookie banners to visitors, primarily regarding clarity about what the users are agreeing to, and what their choices are (or should be) related to data collection from website cookies. Many cookie banners are intentionally misleading, or outright noncompliant cookie walls. GDPR has a number of requirements related to website cookies, most notably the concept of granular consent, and most offending websites under NOYB’s glare did not utilize a consent management platform that allows for this level of detail.
Is this the final action for NOYB?
It does not appear that will be the case, as NOYB has identified 10,000 companies across Europe who have problems with their cookie banners. The advocacy group plans to send these companies and their websites a warning letter, which will give them time to cure the inadequacies; whether the companies respond positively to these warning letters may dictate whether data protection authorities in various European countries will see a significant uptick in enforcement action and likewise, a drastic increase in fines and penalties being levied against non-compliant companies.
How Can Clym Help?
If you receive a letter from NOYB, or you want to take proper preventative measures to avoid getting a NOYB letter in the future, your first step should be to contact Clym. Regardless of whether you’re currently using third-party cookies or strictly collecting first-party data, most data privacy laws around the world require that you implement a consent management platform to your website. Clym believes in striking a balance between legal compliance and business needs, which is why we provide a cost-effective, scalable and flexible platform to comply with LGPD, GDPR, CCPA and other laws, including those in the UK, as they come online. Our platform provides consumers with an effective and easy-to-navigate way to opt-out of data collection while not infringing upon the website UI that businesses rely on to drive revenues. Contact us today about how your company can implement Clym to help manage your data privacy regulation compliance from a global perspective.