Menú

All

Cookies regulation

Regulation on Cookies: GDPR, ePrivacy Regulations and Cookie Act

Cookies are regulated through the so-called ePrivacy Directive, the LSSI and the GDPR. (LSSI, Ley de Sociedades de la Informacion. Information Society Act). In this brief collaboration we analyze the present and future (ePrivacy Regulation) of the regulation of cookies.

As technology develops, this directive and Spanish law have fallen behind. For this reason, the next ePrivacy Regulation will try to update the mentioned current regulations. Let’s see how.

Contacto No te quedes con la duda, contacta con nosotros. Estaremos encantados de atenderte y ofrecerte soluciones.

Regulations

GDPR

It only collects the cookies that constitute personal data, whose definition is included in this Regulation. The use of cookies that treat personal data will require express consent with certain characteristics.

We are talking about presenting a warning that truthfully informs the person of how their data is treated by cookies. In addition, it must be clear, with an affirmative and negative message that cannot be misinterpreted. Logically, it must be given before any data processing, and it must be mutable.

Cookies Act and LSSI

Obligation for the user to be informed and to give his consent to the cookies. As long as these cookies are not necessary for the operation of the website. That is to say, secondary cookies will need consent.

This method has lost part of its reason for being. Due to the improper use of this tool by a large number of websites. The non-exposure of all the necessary information, the installation of cookies prior to consent. These examples, as well as the “consent fatigue”, put in question the success of this regulation.

The validity of tacit consent was raised. The AEPD (Agencia Española de Protección de Datos. Spanish Agency on Data Protection) in its “Guide on the use of cookies” considered it valid. This is, for example, the situation that occurs when you continue to browse a page with a notice of consent. This would imply tacit consent. This is not the case with the cookies governed under the GDPR. The EU has rejected the scroll as consent in this area.

ePrivacy Regulation.

This new EU regulation (not yet in force) entails a number of relevant changes:

Attempting to convert the banners as mere additional information. That is, that consent is given independently and freely.

  • Use of opt-in for consent.
  • Comprehensibility in language.
  • It is compulsory for the user to set the desired cookies in the browser in advance and permanently (but changeable).

Conclusions

The necessary renewal of the regulation on cookies does not have a definitive date yet. In the meantime, the RGPD, the Cookie Act and the LSSI will determine the guidelines your company must comply with. Therefore, it is necessary to know first hand the cookies you use, and the current regulations.

If this article has been of interest, we also suggest you to read the following article published on our website: Data Protection Dictionary (Jargon)

Publicaciones relacionadas