<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=5678177&amp;fmt=gif">

New Decision on the Use of Cookie Walls Issued by Denmark’s DPA

flag of Denmark

On the 20th of February, the Danish Data Protection Authority, Datatilsynet, issued a press release containing two important decisions related to the use of cookie walls on websites. In addition, it also published a set of general guidelines for companies. 

These decisions and guidelines come following the Danish Data Protection Authority's focus on personal data processing of website visitors in early 2020, when it received two specific complaints regarding the websites of two businesses, Gul og Gratis and Jysk Fynske Medier, and their use of cookie walls.

The general finding is that if website visitors can access the content in exchange for either consent or a small fee paid to the website owner, then consent is considered to be valid in either case. 

In the case of Gul and Gratis, it was decided that the alternative consent method of paying for access was valid, the cost was reasonable, and access to content was appropriate. As regards processing personal data for statistical purposes, the company could not demonstrate that this was necessary and were unable to justify including it in the payment alternative. 

Jysk Fynske Medier was found to not meet the requirements for valid consent. Their approach was to allow website visitors access to certain unlocked articles against their consent, or to the full content in exchange for a subscription. Because the service offered without consent was not largely equivalent to that offered with payment,  website visitors were not provided with a free choice, and the company did not demonstrate that processing personal data for statistical purposes was necessary for the paid alternative, the Danish DPA issued an order to both companies to comply with data protection regulations or modify their consent solutions accordingly.

Denmark’s Data Protection Authority has also provided general guidelines on the use of cookie walls, consisting of four criteria that will serve as the basis for assessing whether the use of cookie walls is compliant with data protection rules:

  • A reasonable alternative
  • A reasonable price
  • Purpose limitation
  • Personal data processing of paying website visitors