The BGH (Federal Court of Justice) and the European Data Protection Board (EDSA) became active in May.

BGH: Approval or rejection of cookies when entering a website must be available

The BGH decree (28.05.20 – IZR 7/16) followed the veredic of the CJEU (European Court of Justice) from October 2019 which state that, users must be given the opportunity to decide whether they want or not to consent to privacy-related cookies from advertisers or third-party providers when entering a website.

The user should not be prevented from using the website in case of opting on not allowing  the use of privacy related cookies.

“Cookie walls” to be inadmissible

The new EDSA new guidelines on cookie consent declares that, the so-called “cookie walls” to be inadmissible. This also includes data protection relevant cookies which are forced upon the user to be accepted in order to the user to have access to the page.

Only „technically necessary“ cookies are permitted as pre-selected cookies, i.e. those without which a page is technically incapable of running. The EDSA also gave a clear rejection to the automatic consent to cookies, in which the user scrolled down on a page.

Cookie updates through regular cookie scans

The correct handling of cookies remains a very important issue, especially for online shop operators. However, data protection officers who operate cookie management for their company or, on behalf of customers, continue to keep the topic into top priority, which states that cookies do not always remain the same and must be checked regularly.

The platform GDPR service solves the problem of cookie updates through regular cookie scans, keeping it up-to-date and compliant.

For online shop operators who use the Magento shop system (1 + 2), this service is already available in the cookie module and can be accessed from there.