A privacy advocacy organization has filed hundreds of complaints online against what it refers to as “cookie banner horror.”
Noyb, led by well-known Austrian privacy advocate Max Schrems, is targeting corporations that it claims make it difficult to opt-out of monitoring cookies on purpose.
“By law, consumers must be provided a clear yes/no option,” according to the organisation.
Marketing groups have blamed the problem on the EU’s tight privacy standards.
Cookies are used for a variety of purposes, but one of the most common is third-party advertising tracking, which is why advertisements for a product you may have looked for “follow” you from page to website.
Following the implementation of the EU’s General Data Protection Regulation (GDPR) in 2018, websites began to show conspicuous pop-up forms, while several American companies terminated service to EU consumers.
That also pertained to the United Kingdom, and it was incorporated into UK law following Brexit.
However, many websites need users to cancel consent for hundreds of marketing partners individually, which might take several minutes. Others highlight the phrase “accept all” in green or make it more visible.
According to Noyb, an abbreviation for “none of your business,” that type of form is meant to make it “very difficult to click anything but the ‘accept’ button.”
Most websites ‘do not conform.’
To tackle this, the organization has developed an automated system that it claims can detect infractions and automatically file a GDPR complaint.
It argues that “the majority of banners do not comply with the GDPR rules.”
Fines can be up to €20 million (£17.5 million) or 4% of a company’s global sales, whichever is greater.
According to the company, 81 percent of the 500 pages in its initial batch of complaints did not include a “reject” option on the initial page, but rather were concealed under a sub-page. Another 73 percent utilized “deceptive colors and contrasts” to entice users to click “agree,” and 90 percent did not give a simple mechanism to withdraw consent, according to the report.
- Google was fined £91 million for using ad-tracking cookies.
- Tech Tent: Is ad tracking coming to an end?
Noyb claims it would initially send draft complaints to 10,000 of Europe’s most popular websites, along with information on how to adjust settings.
It does, however, state that if companies do not comply within a month, it would make complete official complaints with enforcement agencies.
“If successful,” the organization added, “users should see simple and obvious ‘yes or no’ options on an increasing number of websites in the coming months.”
Mr Schrems, the group’s chair, is a well-known privacy campaigner who has previously filed successful court challenges.
In July of last year, he was successful in having an agreement governing the transfer of EU citizens’ data to the US ruled down by Europe’s top court.
According to Mr. Schrems, the newest effort was created to tackle “a big industry of consultants and designers” that create “crazy click labyrinths.”
“Frustrating individuals into clicking ‘yes’ is an obvious breach of the GDPR’s principles,” he added, accusing companies of attempting to “make privacy a headache for customers.”
“They frequently purposefully make the design of privacy settings a headache, while blaming the GDPR for it.
“Because this narrative is repeated on hundreds of websites, readers begin to believe that these bizarre banners are mandated by law.”
The legal foundation for cookie consent is convoluted, encompassing both an older set of standards known as the ePrivacy Directive and the more current GDPR, as well as a variety of country data protection bodies that implement the laws.
Pat Walshe, a data security and privacy specialist, stated that the advertising industry’s attitude to the standards had “lead to uncertainty at best.”
“A lack of regulatory enforcement, in my honest view, has emboldened the ad infinitum.
Cookies have also come under fire in recent years, with many pushing for them to be phased out in favor of a different method.
Google, for example, has began phasing down third-party cookie support in its popular Chrome web browser, citing privacy concerns.