skip to main content
CookiePro Blog 2 minutes | November 26, 2019

Cookies 2019 Year in Review: CNIL

As 2019 comes to a close, CookiePro is looking back on some of the privacy headlines. Over the next couple of weeks, we’re featuring a series providing cookie updates that were made in certain regulations and frameworks. This week, we’ll highlight when France’s Data Protection Authority, the CNIL, released updated cookie guidelines.

Updated CNIL Guidelines

On July 4, 2019, the CNIL released new guidelines that repealed those from Article 5.3 of the e-Privacy Directive from 2013. The updated Guidelines outline methods of obtaining consent when using an online tracker, the use of audience measurement trackers, and the configuration of terminal settings.

In addition, the CNIL mentioned that the Guidelines will be followed by a new recommendation (‘the Draft Recommendation’), which will be created after consultation with professionals and civil society and will then be subject to public consultation.

Key Takeaways

  1. Before installing cookies and other technologies, consent must be must be freely given, specific, informed, and affirmatively expressed, as well as provided for each distinct purpose of the processing activity.
  2. The use of a pre-ticked banner is not considered a valid way of obtaining consent at any time.
  3. Service providers must implement user-friendly solutions in order to allow users who have given their consent to withdraw at any time.
  4. Service providers should implement mechanisms to demonstrate that they have obtained the consent of users.
  5. Blocking access to a website or mobile application to users that do not not provide consent is to be deemed incompatible with the GDPR.
  6. Analytic cookies and audience measurement technologies may be regarded as necessary for the provision of the service explicitly requested by the user, and can be exempted from the collection of consent.
  7. A cookie policy must include information regarding the identity of the data controller, the purpose of the placing or tracking operations, and the right to withdraw consent. It also must be clearly visible to the user.

Recent Posts

Countdown to CCPA: Cookies Master Class Series
Countdown to CCPA: Cookies Master Class...
Check out our webinar series to learn how you need to manage cookie consent prior to the CCPA 2020 deadline.
+ View Article
Cookies 2019 Year in Review: ICO
Cookies 2019 Year in Review: ICO
In our weekly Cookies 2019 Year-in-Review blog series, we’re covering headlines that were made from regulations in 2019 about privacy...
+ View Article
CCPA Compliance Checklist: Three-week countdown
CCPA Compliance Checklist: Three-week...
This week in our CCPA Compliance Checklist blog series, we’ll review how to use our product to respond to consumer requests.
+ View Article
CCPA Opt-Out Requirement Solutions
CCPA Opt-Out Requirement Solutions
The CCPA Do Not Sell rule gives consumers the right to opt out of the sale of their personal information. Here's how to make sure you...
+ View Article
popup close button