Finland changes cookie rules

The Finnish Traficom has changed its cookie guidelines. Browser settings do not constitute valid consent anymore. Here’s what you need to know about the new Finnish cookie requirements.
Table of Contents

The Finnish Cookie Saga may finally have come to an end!

Today, the Finnish Transport and Communications agency Traficom released a change to the Finnish cookie guidelines.

The development makes an end to the Finnish cookie consent practices in which consent to cookies could be given via browser settings.

The new decision is expected to impact thousands of business websites.

The Finnish cookie saga

Back in May 2020, the Finnish Ombudsman published a decision on the requirements for cookie consent.

It largely contradicted the decision made by the Finnish Transport and Communications agency Traficom a month prior.

The clash between the Ombudsman and Traficom concerned the matter of whether consent to cookies could be given through browser settings or not.

The Ombudsman (Data Protection Authority) ruled that instructing website users to accept or decline to the use of cookies through browser settings does not constitute active and explicit consent under the GDPR.

However, the Traficom’s April 24, 2020 decision echoed the 2002 ePrivacy Directive in which website users only has to give informed consent to cookies i.e., click ‘ok’ to cookies.

Today, May 4, 2021, the Traficom changed its cookie guidelines to meet conditions laid down by the Ombudsman and the GDPR.

What are the new Finnish cookie requirements?

No one may process another person’s personal data without a legal basis or valid consent!

First of all, the new requirements cover all non-essential cookies.

That is, all the cookies used for marketing, analytics or share/like features etc.

Second, using browser settings for cookie control or to collect consent is no longer legal.

The new Finnish cookies rules are as following.

Consent to cookies must meet the GDPR requirements for consent.

  • Consent must be freely given, specific, informed and unambiguous.
  • Rejecting cookies must be as easy for the user as it is to give consent.
  • Silence, scrolling, swiping or continuous use of a website or app is not considered consent.
  • Pre-ticked boxes are not legal. Users must be able to opt-in to cookies, not out.
  • Referring to browser settings for rejecting cookies is not legal. 

The Traficom recommends that you use a consent pop-up (cookie banner) to collect valid consent to cookies.

The use of cookies and other tracking technologies is regulated by the Electronic Communications Services Act : Section 205 of the Electronic Communications Services Act (FI).

The new cookie guidelines are based on the ePrivacy Directivethe GDPR and the European Court of Justice’s decision on cookies and consent in the case against Planet49

What do the cookie requirements mean for you?

If you use cookies on your website, ask your user for a consent to cookies.

⮕ You can do that with a cookie banner.

Let them say ‘no’ to cookies if they do not want to be tracked.

⮕ You can do that with a simple reject all-button next to the accept button.

Make sure you inform your users about which cookies you use; what data they collect; and when they expire.

⮕ You can do that with a good cookie consent solution. It scans your site to provide your banner with the newest information about cookies.

Respect their privacy choices.

⮕ You can do that by preventing your cookies to be stored in your user’s browser until you obtain consent.

How can you follow the new cookie requirements?

The Traficom underscores that valid consent can be obtained with a professional cookie consent solution, i.e., a cookie banner.

However, make sure it can collect a consent that is meets the requirements of Traficom’s guidelines and the GDPR.

With Cookie Information your website can get a cookie banner that:

  • Collects valid consent to cookies.
  • Informs about cookies, their purpose, owner and lifespan.
  • Includes a cookie policy based on frequent scans of your website.
  • Identifies new risks to your business.
  • Stores all consents securely (as required by law).
  • Enables you to customize your banner with your brand colors and logo.

All in all, your website gets a solution that ensures your business’ compliance and your users’ privacy.

And are you worried about losing insights about your visitors?

Our consent rates are above 75%! And we are an official Google CMP partner which means you instantly get access to Google Consent Mode with our solution.

That means you get aggregated data from all those who say no to cookies. You can measure success of campaigns and content strategies all the same.

Don’t know if it is something you need?

Get a free compliance check of your website. Fill the form, enter your domain and we’ll scan for cookies and trackers and give you our solid advice for how you can become GDPR compliant.

Free compliance check

Or else, book a meeting with us to learn more about how we can ensure your business’ cookie compliance with the new Finnish guidelines in mind.

Book a short informal meeting