Irish website operators warned they could face enforcement action if not complying with ePrivacy and GDPR when using tracking cookies. Data controllers given six-month grace period to comply.
Irish DPC publishes new guidance to cookies and consent
The guidance is the result of a sweep on 38 household websites in Ireland which showed that users of Irish websites “are being tracked by third parties to a significant degree across their browsing habits and daily online activities”.
Data controllers and website operators are allowed a six-month grace period to comply with the requirements before enforcements are commenced.
Six key takeaways from the guidance to cookies
Bottomline is: All cookies require consent except strictly necessary cookies and cookies used for communication. Analytics cookies always require consent.
Here are the takeaways:
Six key takeaways:
- Cookies require consent (except for strictly necessary purposes or for communication).
- Consent must be reaffirmed within 6 months and must be given to each cookie purpose (e.g. statistics, functional, marketing).
- Pre-checked boxes and implied consent is not allowed for. Websites may not assume that users give consent merely by scrolling down the website or has seen information in a cookie pop-up.
- Cookie pop-ups must give users the option to decline cookies. Pop-ups only with ‘accept’ buttons are not compliant.
- Cookie pop-ups may not 'nudge' users into accepting cookies or make it difficult to reject cookies.
- Cookies for chatbot functionalities may not be set prior to the user explicitly requesting to use the chatbot.
Start collecting valid consent
It is not difficult to collect valid consent to cookies and thereby comply with the guideline put forward by the Irish DPC.
Try our Consent Solution for 30 days [for free!]
What do you get?
Cookie Information's Consent Solution offers you a highly customizable consent pop-up for your website.
The pop-up integrates perfectly with your website UX design and is completely ePrivacy and GDPR compliant.
Features of the solution:
- GDPR valid consent pop-up (to collect user consents)
- Privacy controls (options for your user to decline cookies)
- Deep scan (of your website cookies)
- Storage of Consents for up to 5 years (as required by law)
- SDK implementation options (for blocking cookies prior to consent)
- Compliance Dashboard (complete overview of cookies, consents and acceptance rates).