0
BLOG | Cookie Compliance | November 27, 2019

Cookies 2019 Year in Review: Germany DSK Guidance

In our weekly Cookies 2019 Year-in-Review blog series, we're covering headlines that were made from regulations in 2019. This week, we're focusing on updated Guidance from the Germany DSK.

Post Featured Image

In our weekly Cookies 2019 Year-in-Review blog series, we’re covering headlines that were made from regulations in 2019. This week, we’re focusing on updated Guidance from the Germany DSK.

Germany DSK Updated Guidance

In March 2019, the association of German Supervisory Authorities for data protection (‘Datenschutzkonferenz’ or DSA) released updated Guidance on the applicability of the German Telemedia Act (‘TMG’).

The Guidance aims to serve as Guidance for the implementation of data protection requirements when processing users’ data through telemedia services. This Guidance is the result of a stakeholder consultation carried out by the different German Supervisory Authorities last year.

8 Key Takeaways

  1. In accordance with Article 4(11) and Article 7 of the GDPR, consent must be informed, specific, freely given and affirmatively expressed. The user should always be able to exercise their rights, and should not suffer in the event of absence or consent withdrawal.
  2. Suitable options to ensure valid consent to data processing include the ticking of boxes on a website, the selection of technical features, or other forms of declaration of will or active behavior.
  3. Any form of data processing should be explained clearly and understood by the user.
  4. In accordance with Recital 32 of the GDPR, implied consent such as silence, inaction, or pre-checked boxes cannot be considered consent.
  5. Cookie banners providing information about cookies and an ‘OK’ button, but no option to refuse to the setting of cookies are not considered to be sufficient as consent is not freely given as required under Article 7 of the GDPR.
  6. The lifespan of cookies is not specified under German law. However, under the GDPR, shorter lifespans are more likely to meet the requirements.
  7. An option to withdraw consent must be provided and the procedure to withdraw must be as easy as the procedure to consent.
  8. The cookie policy must be user-friendly and should include simple terms, not overlying complex legal or technical terminology.
How to create a cookie banner in CookiePro

You Might Also Like

knowledge

10 Steps to Complete Google Data Safety...

View Resource
knowledge

Google Play Data Safety vs. Apple Nutrition...

View Resource
Datasheet

6 Step Checklist to Complete Google Play’s...

View Resource
Webinar | 45 minutes

Google Play Data Safety: What it Means...

View Resource
Onetrust All Rights Reserved