Blog

Amazon fined €35M by CNIL for violating cookie rules

FRANCE: Amazon Europe Core Sarl receives a fine of €35 million for setting cookies without users’ consent and for not informing of the purpose of these cookies. The decision by CNIL sends a clear message to non-compliant websites. Here’s how to collect valid consent to cookies.

Is my website compliant?

Amazon in major European cookie fine

On December 10, 2020, the French Data Protection Authority (CNIL) announced it has imposed a €35 million fine on Amazon Europe for violating article 82 the Act n°78-17 of 6 January 1978 on Data Processing, Data Files and Individual Liberties.

Same day Google LLC and Google Ireland received a €100 million fine for violating same the article regarding the use of marketing cookies on google.fr.

Based on investigations of amazon.fr back in December 2019, CNIL found that when users entered the amazon website, cookies were automatically stored on their computers or phones without their prior consent.

CNIL states that the placement of cookies prior to consent is not compatible with current requirements for using cookies in France.

Specifically, CNIL noted that amazon.fr

  • did not provide its users with adequate information in the cookie pop-up about the use of cookies.
  • prompted users that with continued use of the website they automatically accepted cookies.
  • users could not reject or object to Amazon’s use of cookies.

Therefore, the CNIL concluded that Amazon did not comply with current national or European privacy regulations regarding informing users on the use of cookies for marketing purposes and for not collecting valid consent to cookies.

Consequently, the CNIL imposed a fine of €35 million on Amazon, since the cookie practices had been going on for a long time and that millions of French people were impacted by the practices.  

The press release by the CNIL (in French only).

How to comply with current privacy regulations

The European rules on cookies are described in the ePrivacy Directive, yet most information cookies collect are personal and thus regulated by the GDPR.

When your website uses cookies, either first-party cookies or third-party cookies from services like Google Analytics, Facebook Pixel, LinkedIn Insights or YouTube, you are required to collect your users’ valid consent to cookies.

Cookies from abovementioned services all collect your users’ personal data with marketing purposes. Therefore, using these types of cookies requires you to collect a consent which meets the requirement of recital 32 in the GDPR.

“Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her (..) Silence, pre-ticked boxes or inactivity should not therefore constitute consent”.

GDPR Recital 32

Here’s a complete checklist to collecting valid consent to cookies.

Checklist for collecting
valid consent to cookies

When it comes to informing users about cookies, obtaining and storing valid consents, you should use a certified Consent Management Platform.

You can try our Consent Management Platform and our professional cookie banner for free for 30-days. We guide you all the way from setup to implementation to onboarding if you like.

References

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Email
We have already helped more than 1,500 clients

Start your free trial

No credit card needed

client_logos

Not Sure Yet?

Get a free compliance check to see if you need a consent solution.

Follow Cookie Information
and stay informed on privacy news

Sign up for our newsletter

About us

Cookie Information is a Privacy Tech company specialized in developing software that helps you and your company making your websites and mobile apps GDPR and ePrivacy compliant.

Contact information

Cookie Information A/S

Kristen Bernikows Gade 4,
1105 Copenhagen K, Denmark

VAT: DK-38758292

Copyright © 2021

Thank you for signing up to our newletters

We are excited to start sending you news & tips & tricks about our CMP.

You can unsubscribe at any time.