Skip to main content
Webshop trustmark and reviews ValuedShops
  • Increase trust and sales
  • The lowest price
  • Automatically collect reviews

Are you already eating cookies? The legal what and how of cookies on the web store.

Written by Jelmer van der Linden
 
The cookie law has been in force for quite some time now. Yet we still see many webshops without notification regarding the cookies and the request for approval by the consumer. When a merchant does place a notification, it is often still possible to place products in the shopping cart while the consumer has not yet agreed to the use of the cookies needed for that. It seems, therefore, that there is still much ambiguity regarding the legislation. Therefore, in this blog, "Are you already eating cookies? The legal what and how of cookies on the web store.

Privacy law requirements: processing of personal data

If a cookie leads to processing of personal data, the strict data protection legislation applies, and let's be honest; (almost) every website nowadays processes personal data. Yet we still see many webshops without notification regarding cookies or the legally required request for approval to place cookies. What should it look like legally? First, you can only use (tracking) cookies on the web store when the customer has given explicit permission. Have you not yet received explicit permission for this from the consumer? Then the use of cookies is not (yet) allowed by law. For the merchant this means that a consumer cannot place an order (product in the shopping cart) when this consumer has not yet given permission for the use of cookies. This often has to be done multiple times, because in addition to our desktop, we make massive use of laptops, tablets and smartphones. On each gadget, approval must again be given for the use of those same cookies.

So aren't those cookie notifications heartbreakingly irritating to consumers?

Many a consumer will flat out answer 'yes' to that. And also within politics they understand that the cookie legislation does not work very well in practice. Hence, a new proposal has now been written by the European Commission in Brussels. The proposal, published by the European Commission on Jan. 12, 2017, proposes that cookie approval be automatic within the browser. If it is up to the European Commission, the consumer will no longer have to manually accept each cookie, as they can also set this once within the browser itself. However, the commission does want the consumer to be well informed about the use of cookies and thereby have insight into what kind of cookies are used on a website. The proposal is part of a larger plan to build Europe's data economy, called the Digital Single Market. Now this proposal might seem to solve all the problems regarding cookie notifications; after all, the consumer only needs to indicate once within the browser that it accepts all cookies. But the legislation seems to overshoot the mark, namely that by automatically accepting all cookies you no longer have any control over your privacy. So why not refuse all cookies? Well.

What are your thoughts on cookies and ensuring personal data protection?

It seems to be a long way to go before we solve all the problems associated with cookies. Therefore, we are curious to know the thoughts of our members (and others who use cookies in practice). What do you see as a solution to using cookies while protecting consumers' personal data?