Cookie Banners

cookie banner
The GDPR was meant to ensure that users have full control over their data. But being online has become a frustrating experience for people all over Europe: Cookie banners appear at every corner of the web, often making it extremely complicated to click anything but the “accept” button. 

Companies use so-called “dark patterns” (like unfavorable contrasts for buttons or links) to nudge more than 90% of users to click “agree” when industry statistics show that only 3% of users actually want to accept cookies. These methods clearly contradict the principles of the ePrivacy directive and also the GDPR, as valid consent must be freely given, specific, informed and unambiguous. 

More and more websites now also make use of “cookie paywalls” or “pay or okay” banners, giving users the option to accept all cookies which leads to their data being passed on to hundreds of tracking companies or take out a subscription for often times exorbitant prices. In this case, users have no free choice as saying "no" to tracking is not only time-consuming, but also expensive. The costs for paying usually exceeds the revenue for advertisement by a factor of 10 to 100. Providers of software solutions therefore praise “pay or okay” as an option to get a consent rate of more than 99%.

In order to tackle these problems, noyb

  • is investigating the way cookie banners are implemented online and whether the choices users make are respected in practice,
  • has developed a mass scanning system to automatically detect unlawful cookie banners and create complaints which are sent to the companies, giving them a grace period to adjust their cookie banner before the complaint is submitted to the responsible authority,
  • developed a proposal for a standard that would manage preferences, because we believe the real answer to this issue is user-centered privacy and to create simple solutions for consumers and
  • is aware of the problem that newspapers and magazines are looking for avenues to survive in the digital world but narrow profits at the expense of their readers’ fundamental right to data protection will not be the solution for structural financial problems.

Case Controller DPA Status Duration
C037-11101 Turner Broadcasting System France SAS CNIL (France) partly_won Filed:
(3 years ago)
C037-11102 Fortum Sverige AB DSB (Austria), Tietosuojavaltuutetun toimisto (Finland), IMY (Sweden) pending Filed:
(3 years ago)
C037-11106 DKV Deutsche Krankenversicherung AG LDI (North Rhine-Westphalia) pending Filed:
(2 years ago)
C037-11115 Hearst Magazine Media, Inc. DSB (Austria) partly_won Filed:
(2 years ago)
C037-11122 Brand 24 Sp. z o.o. UODO (Poland) pending Filed:
(3 years ago)
C037-11129 Estée Lauder Companies GMBH BayLDA (Bavaria) Filed:
Closed:
(5 months 2 weeks)
C037-11131 Adecco Nederland AP (The Netherlands), DSB (Austria) pending Filed:
(3 years ago)
C037-11135 Adecco Poland Sp. z o.o. UODO (Poland) pending Filed:
(3 years ago)
C037-11137 Samlerhuset Norge AS Datatilsynet (Norway) pending Filed:
(3 years ago)
C037-11141 ViacomCBS DSB (Austria) withdrawn_complied Filed:
Closed:
(8 months 2 weeks)
C037-11143 Smartbox Group Limited DPC (Ireland) pending Filed:
(3 years ago)
C037-11156 Tilbudsugen.dk ApS Datatilsynet (Norway) pending Filed:
(2 years ago)
C037-11163 The Walt Disney Company (Benelux) BV AP (The Netherlands), DSB (Austria) pending Filed:
(3 years ago)
C037-11170 ARCTIC S.A. ANSPDCP (Romania), DSB (Austria) partly_won Filed:
(3 years ago)
C037-11171 shopping24 Gesellschaft für multimediale Anwendungen mbH HmbBfDI (Hamburg) partly_won Filed:
(2 years ago)
C037-11180 MSC Cruises S.A. DSB (Austria) partly_won Filed:
(3 years ago)
C037-11183 ProdesFin S.r.l. Garante per la protezione dei dati personali (Italy) partly_won Filed:
(3 years ago)
C037-11196 Agora SA UODO (Poland) pending Filed:
(3 years ago)
C037-11200 Chill Insurance Ltd DPC (Ireland) pending Filed:
(3 years ago)
C037-11207 British Council (Germany) BlnBDI (Berlin) won Filed:
(2 years ago)

Share