Page 1 of 1

"Cookiebanner" violating regulations ?!

Posted: Thu Mar 31, 2022 5:38 pm
by OSWorX
On the 2nd February 2022 Belgiums Authority for Data Protection decided, that Cookiebanners are violating the GDPR.
The Authority punished the organization IAB Europe (which has developed the underlying framework TCF several years ago) with a fine of 250.000,- Euro.

The decision: https://www.autoriteprotectiondonnees.b ... nglish.pdf
IAB itself has appealed against that decision: https://iabeurope.eu/all-news/iab-europ ... ty-ruling/

In detail, the Inspection Service finds that IAB Europe is in breach of the following legal provisions
and principles of the GDPR
with its Transparency and Consent Framework:

▪ Articles 5.1.a and 5.2 (principles of fairness, transparency and accountability)
▪ Article 6.1 (lawfulness of processing);
▪ Article 9.1 and 9.2 (processing of special categories of personal data);
▪ Article 12.1 (transparency of information, communications and modalities for
exercising data subjects' rights);
▪ Article 13 (information to be provided when personal data have been obtained from
the data subject);
▪ Article 14 (information to be provided when personal data have not been obtained
from the data subject);
▪ Article 24.1 (responsibility of the data controller);
▪ Articles 32.1 and 32.2 (security of processing)

Outside the scope of the complaints, the Inspection Service also finds additional
infringements of the following provisions of the GDPR:
▪ Article 30 (register of processing activities);
▪ Article 31 (cooperation with the supervisory authorities);
▪ Article 24.1 (responsibility of the data controller);
▪ Article 37 (appointment of a data protection officer.

Article about that all (in German): https://www.zeit.de/digital/2022-03/coo ... atenschutz

Re: "Cookiebanner" violating regulations ?!

Posted: Fri Apr 01, 2022 10:51 am
by rjcalifornia
Are current Cookie banners extensions for OpenCart not compliant with GDPR?

Re: "Cookiebanner" violating regulations ?!

Posted: Fri Apr 01, 2022 6:55 pm
by OSWorX
rjcalifornia wrote:
Fri Apr 01, 2022 10:51 am
Are current Cookie banners extensions for OpenCart not compliant with GDPR?
General and in short: NO - they are not!

Re: "Cookiebanner" violating regulations ?!

Posted: Fri Apr 01, 2022 9:06 pm
by straightlight
Without any restrictions implied during checkout and the API, while these laws are simply growing with time, what a shame.

Re: "Cookiebanner" violating regulations ?!

Posted: Fri Apr 01, 2022 10:13 pm
by OSWorX
straightlight wrote:
Fri Apr 01, 2022 9:06 pm
Without any restrictions implied during checkout and the API, while these laws are simply growing with time, what a shame.
What a useless comment!

Generally no website need a cookie to work.
Cookies are meant (and used) basically to follow visitors only - not to provide functions or something like that.

The so called "technical" cookies (e.g. for language and session) are the only one nobody needs to confirm (or any consent).
"Marketing" cookies are the evils, and for all of them, the website needs the consent of the visitor.

The visitors must have to opportunity to decide wether to accept cookies - or not.
And as long this consent is not given, beside the "technical" cookies not one may be set.

So, all Googles services setting a cookie (like Google Analytics) before the visitor has agreed to receive any cookie from them - are not allowed.

Don't know which "restrictions implied during checkout" or any "API" do you mean?!
And these laws are not "growing with time", since the 25th May 2018 we have already something called GDPR.
Soon 4 years later .. and you say "growing"?

A shame is a statement like yours.
And a shame how most cookie banners are styled.
99% of them use "dark patterns", try to confuse the visitor, hide settings or behind several clicks - only the get a "pseudo consent" because too many visitors just click on every thing which looks like a "success" button.

And with none of the solutions for OpenCart the storing of cookies before the consent is given is avoided.

Re: "Cookiebanner" violating regulations ?!

Posted: Fri Apr 01, 2022 10:43 pm
by straightlight
OSWorX wrote:
Fri Apr 01, 2022 10:13 pm
straightlight wrote:
Fri Apr 01, 2022 9:06 pm
Without any restrictions implied during checkout and the API, while these laws are simply growing with time, what a shame.
What a useless comment!

Generally no website need a cookie to work.
Cookies are meant (and used) basically to follow visitors only - not to provide functions or something like that.

The so called "technical" cookies (e.g. for language and session) are the only one nobody needs to confirm (or any consent).
"Marketing" cookies are the evils, and for all of them, the website needs the consent of the visitor.

The visitors must have to opportunity to decide wether to accept cookies - or not.
And as long this consent is not given, beside the "technical" cookies not one may be set.

So, all Googles services setting a cookie (like Google Analytics) before the visitor has agreed to receive any cookie from them - are not allowed.

Don't know which "restrictions implied during checkout" or any "API" do you mean?!
And these laws are not "growing with time", since the 25th May 2018 we have already something called GDPR.
Soon 4 years later .. and you say "growing"?

A shame is a statement like yours.
And a shame how most cookie banners are styled.
99% of them use "dark patterns", try to confuse the visitor, hide settings or behind several clicks - only the get a "pseudo consent" because too many visitors just click on every thing which looks like a "success" button.

And with none of the solutions for OpenCart the storing of cookies before the consent is given is avoided.
Regardless how one may believe to be useless, you're still going to address these issues to inform the people while it's people above our pay grade that takes care of these. Regarding the banners, however, that is something else that's been happening for a long time but I do understand where this is going especially since, being the case, that none of the solutions with Opencart for cookie storage have been considered without the use of extensions. In the end, that comment isn't that useless after all.

Re: "Cookiebanner" violating regulations ?!

Posted: Thu Aug 25, 2022 6:09 pm
by SchmidtC
Great article! I realized these are my favorite kinds of GI articles. Enough news and reviews, more stuff like this! Let the writers get creative!