French privacy cops snarl at websites over crap EU cookie warnings
Banners and browser settings are not enough, you muppets
French privacy watchdog CNIL has snarled at 20 websites for failing to comply with EU cookie laws.
Following a series of raids last year, the Commission Nationale de l’Informatique et des Libertés this week put the websites on notice for not giving users enough information about how their activity is being tracked.
Under EU law, websites must get explicit informed consent before placing cookies on browsers and in 2013 CNIL issued a set of guidelines for companies about how to comply.
However, several spot-checks last year revealed that although some of the sites have a banner informing users that cookies will be placed on their computer, none of them waited for consent before doing so.
Previously, many websites interpreted browser settings that permitted cookies as a sufficient form of consent.
CNIL noted that some of the websites in question invite users to set their browsers to block cookies if they do not want them, but added that is not a sufficient way to construe consent, apart from in exceptional cases.
No sanctions have yet been taken against the websites and CNIL says that initial responses from the sites concerned indicates a willingness to comply.
As France's national data protection authority, CNIL has the power to impose fines if companies do not comply within a specified time-frame. ®